PRODUCT

Windows Updates.

Windows Updates, finally as code.

PIPELINE

On the roadmap — vote it up.

THE PROBLEM

What's broken without it.

Windows Update is a black box managed through a UI built for 2015. You cannot reproduce a fleet’s update state, you cannot diff two rings, you cannot version-control an exception window. KB rollouts surprise you on Tuesdays. Audit asks "why did KB5037768 ship to production on the 14th?" and the answer is "because Microsoft."

audit-trail.log · status quo
# T+0 install completes on 1,204 endpoints
# T+2d scanner runs across the fleet
# T+2d scanner flags 14 endpoints with vulnerable artifact
# T+3d helpdesk tickets begin to arrive
# T+5d incident response opens IR-2026-0418
# T+9d auditor asks: "who approved this artifact?"
# T+9d answer: nobody. it shipped because the CDN said so.

HOW ATTESTREE SOLVES IT

The approach.

Attestree Windows Updates exposes WSUS and Windows Update for Business as declarative policy. Update rings, exception windows, and KB approvals live in Git. The control plane reconciles them continuously. Every applied KB emits a signed attestation that links back to the Git commit that authorized it.

attestree.toml · windows-updates
# pipeline product

# Syntax stabilizes once development starts.
# Vote this up on the waitlist to influence the design.

WHAT'S NEXT

Roadmap, in three moves.

Q4 2026

Policy as Git

WSUS and WUfB rules expressed as code, reviewed via PR, applied by reconciler.

design-partner mode through GA

KB-level diffing

Diff two rings or two points in time at KB granularity; understand why state diverged.

Q2 2027

Exception windows

Time-boxed deferrals with auto-expiry — no more permanent "we will fix it later" exceptions.

Ready for Windows Updates on your fleet?

Get on the list — your vote moves this up the roadmap.