Get Started: Patch Management

JumpCloud’s automated patch management helps you keep your macOS, Windows, and Linux devices secure and updated with automated OS and Chrome browser patching.

Use the Devices Overview tab to analyze your JumpCloud-managed devices and review the most current releases from Microsoft, Apple, and Canonical. As an IT Admin with Manager role permissions or higher, you can manage when major OS upgrades and minor updates are available and applied to your devices. Configuring a required installation window lets users choose the most convenient time to perform an OS update.


Enforced major upgrades utilize Mobile Device Management (MDM) software install commands and do not require end user interaction or Admin permissions. For minor updates, when the deadline expires the policy then forces a minor OS update to be automatically downloaded and installed using the MDM software install commands. 

OS patch policies let you delay an update in order to thoroughly test it before rolling it out. For example, you can set up a deployment ring of early adopters, control which OS version they install, and when they will install it. 

You can also create a universal browser policy to keep Google Chrome up to date for macOS, Windows, and Linux. This universal browser patch policy works for all OS types, and remotely schedules and enforces Google Chrome updates on all devices. This policy saves you time and helps you keep a large number of devices compliant and up to date. See Create a Universal Browser Patch Policy.

Patch Management policies are a premium feature, and are available for a small fee. Contact your Account Manager if you’re interested in adding OS and browser patch management to your package or to learn more about the solution. Pricing for patch management is located at


  • The JumpCloud agent must be installed and running on macOS, Windows, and Linux devices. See Install the Mac AgentInstall the Windows Agent, and Install the Linux Agent.
  • For macOS versions 11.0 and later, Mobile Device Management (MDM) is configured for your organization and devices are enrolled in JumpCloud’s MDM. See Manage Apple Devices with MDM
  • For Linux devices, OS Patch Management is only supported on Ubuntu systems. All supported Linux versions will be shown in Fleet Distribution.
  • To assign a policy to a device, you must have an active device running on a supported OS. See Get Started: Policies.
  • To assign a policy to a device group, you must have defined device groups. See Get Started: Device Groups.

Use OS Patch Management to perform these tasks:

  1. Keep track of all supported builds associated with a major OS release.
  2. View all OS updates, patches, and OS version and build numbers within 24 hours of being distributed by Apple, Microsoft, and Canonical.
  3. View your OS distribution by release:
    • MacOS:
      • Sonoma 14.x
      • Ventura, 13.x
      • Monterey, 12.x
      • Big Sur, 11.x
    • Windows
      • Current Windows 11 supported versions
      • Current Windows 10 supported versions
      • Windows Server 2016 and later
    • Linux:
      • Current Linux supported distribution versions

To get detailed release information and see the percentage of devices by OS, the number of devices running each version, and End of Service status for your devices, see View Your OS Distribution.

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case