No tenim cap problema amb els navegadors, però sí amb els dinosaures. Per visualitzar correctament el contingut d’aquest lloc web, actualitzeu el vostre navegador.

Patch Management

Having a strong endpoint security foundation is crucial but antivirus alone isn’t enough. Avast Business Patch Management takes the guesswork out of patching by identifying critical vulnerabilities and making it easy to deploy patches from a central dashboard.

For Windows operating systems only.

13,99 €

per 1 device 1 year

If you already use the Avast Business Management Console, please log in and purchase Patch Management from there.

Patch Management plays a critical role in layered endpoint cybersecurity.

Patch Management

Patch management plays a critical role in endpoint cybersecurity. Patches are released to fix vulnerabilities or security gaps in Windows operating systems and other application software. If patches are not applied in a timely manner, networks can be severely compromised.

While most businesses are aware of the importance of patching, many don’t because there are too many patches, patching often interrupts operations, and patches can cause problems with other systems.

Patch Management, now available in both the Management Console and CloudCare, solves these issues by making it easy to identify and deploy critical patches and monitor ongoing activity from a central dashboard.

Watch video

How does patching work?


Scan all devices for missing patches

Select the frequency of the patch scan, either daily, weekly, or monthly and schedule at the precise time when you would like the scan to take place.


Deploy patches

All vendors, software applications, and severities will be patched automatically, but you can also easily exclude any application that you don’t want patched.


Review patch status

From the dashboard, easily see missing patches, patch name and severity level, along with release notes, release date, and more.

Patch Management

Enhance application security and prevent vulnerabilities with comprehensive patch management.

Prevent Vulnerabilities

Keep Windows Operating Systems and other third-party software applications up to date automatically to prevent possible vulnerabilities or security gaps.

Ensure Compliance

Identify and patch outdated or failed-to-install software to ensure company and regulatory compliance, and to prevent security breaches.

Centralize Management

Stay in complete control of patches with centralized management that allows you to scan all devices, set schedules, and receive reports from a single dashboard.

Are your endpoints safe?

We recently conducted a security assessment of 500,000 endpoints and only 29% passed all of the patch tests. And of the 500,000 devices analyzed, only 304 were 100% patched.

Patch Management Features

Flexible deployment schedules

Schedule and deploy approved patches at desired times or manually deploy to groups or individual devices.

Master agent capabilities

Download all missing patches to a master agent that seamlessly distributes patches to all managed devices in the network.

Intuitive Dashboard

Manage all software patches and view graphical summaries of installed, missing, or failed patches from any device.

Patch scan results

View detailed results from a single platform that includes information on missing patches, severity levels, knowledge base links, release dates, descriptions, and more.

Customizable patches

Choose software vendors, products, and the severity of patches to scan and install. Easily create exclusions for applications.

Automatic scans

Schedule patch scans to run automatically every 24 hours and set patches to deploy automatically every Thursday. These default settings can be customized at any time.

Thousands of patches

Deploy patches for Windows Operating Systems and thousands of other third-party software applications for comprehensive protection.

Rollback and ignore

Simply rollback patches if they are unstable from individual devices or ignore so they don’t show in patch results or get redeployed.

Thousands of compatible applications

Our patch selection includes Windows operating systems and thousands of other third-party software applications such as:

Thousands of compatible applications See the whole list of applications

Get Patch Management in the Management Console

Patch Management and any of the Avast Business Antivirus products are deployed through the Management Console, making it seamless to manage the endpoint security of all your devices from a single platform. Patch Management can only be managed from the console.

Learn more about the Management Console

If you already use the Avast Business Management Console, please log in and purchase Patch Management from there.

Patch Management - Management Console
Patch Management is now available also in CloudCare.

You can easily check status of your patches in Management Console:

Avast Business Patch Management

Automatically fixes and updates Windows Operating System and thousands third-party software applications.

For Windows operating systems only.

13,99 €

Buy now Període de prova gratuït de 30 dies

If you already use the Avast Business Management Console, please log in and purchase Patch Management from there.

30-day money back guarantee

Frequently Asked Questions

System Requirements

Should I turn off Windows Update before using Patch Management?

Yes, it is highly recommended that you change Windows Update settings for your devices via the Windows Update Center and/or Group Policy so Patch Management can provide updates.

The Windows Update service must not be disabled; rather, it should be set to either Manual or Automatic to successfully deploy patches. In addition, the Windows Update setting on each target machine (Control Panel > System and Security > Windows Update > Change settings) should be set to Never check for updates.

Are there any hardware/software changes I should complete before using Patch Management?

Deployment of patches will run under the remote machine's Local System account so make sure this is allowed.

What will happen to Software Updater?

We have phased out Software Updater from Avast Business antivirus products as it conflicts with the Patch Management service.

How do I set up a patch schedule for groups and/or devices?

You can set your patch schedule in Device Settings > Policy > Patch Management > Step 2. All devices or groups under the Patch Management policy will follow the schedule you set.

What is the difference between the Patches page and the Devices page?

The Patches page provides an overview of all missing patches for all devices connected to your console. The Devices page provides a list of your devices and the Device Patch Results tab identifies missing patches for that particular device.

How do I see the patch status for all my managed devices?

We will have 6 reports in total that will provide detailed information on the severity of missing or installed patches with vendors, and on software applications.

Where can I see how many devices are licensed for patch?

You will be able to see how many devices are licensed for patch under the ‘Licenses’ section in the console.

Why are my Mac OS X devices not being patched?

We are planning to support Patch Management for Mac OS X devices in the second half of 2019.

Why are some devices not patched even after the patches have been deployed?

Could be due to the following reasons:

  1. The patch is currently being installed on those devices and will sync back with the console after the patch has been successfully installed.
  2. The patch could have failed to install and will be scheduled for a reinstall based on your patch deployment schedule.
  3. The device is offline.

Where can I modify the patch schedule and add exclusions?

You can modify the patch deployment schedule and exclude vendors and applications by going to Device Settings > Select Policy > Patch Management tab.

Can I patch all my devices in a single action?

Yes, you can manually deploy patches to individual devices and groups of devices in one action.

What statuses do patches have?

Patches will be in one of the following states.

  • Scheduled: Grey Icon - Patch approved and scheduled to be deployed to device/s
  • Deployed: Green Icon - Patch successfully deployed to device/s
  • Failed to deploy: Red Icon - Failed to deploy patch/es to device/s
  • Missing: Yellow Icon - Patch is missing from device/s
  • Waiting to scan: Grey Icon - Waiting to run patch scan on device
  • Failed to scan: Red Icon - Failed to run patch scan on device

How long does it take to patch a device?

It could take from a few seconds to hours. The time depends on the size of the patch that is being downloaded to the device, the software application it is updating, and the hardware of the device.

Will my device that is set as the Master Agent download patches and deploy to my devices?

Yes, the device you have selected as the Master Agent will be used to store the software application patches and will distribute them to devices on the network so as to save bandwidth. If you do not have a Master Agent selected, devices will download the software application patch directly from the internet (not recommended).

  • Windows operating system:
  • Avast Business products are supported by Avast Software s.r.o. on the following editions: Windows 7 (Service Pack 1), Windows 8, Windows 8.1, Windows 10 – Windows 10 Pro, Windows 10 Education, and Windows 10 Enterprise. Avast Business Products are supported on the following servicing branches of Windows 10 – Current Branch (CB), Current Branch for Business (CBB), Long-Term Servicing Branch (LTSB) and will be supported for the lifetime of the app.
  • Servers:
  • Windows Server 2016 (64-bit version)
  • Windows Server 2012 (64-bit version)
  • Windows Server 2008 R2 (64-bit version with the latest Service Pack, excl. Server Core Edition)
  • Microsoft Exchange Server 2016 (64-bit version)
  • Microsoft Exchange Server 2013 (64-bit version)
  • Microsoft Exchange Server 2010 Service Pack 2 (64-bit version)
  • Hardware:
  • Intel Pentium 4 / AMD Athlon 64 CPU supporting SSE2 instructions, 256 MB+ RAM and 2 GB of hard disk space.