System updates on virtual machine scale sets should be installed
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Azure security center recommends System Updates for Service Fabric VM scale set, How way to handle the scenario.
Apologies for the delay.
Please go to that particular VMSS in Azure portal and under Settings/Operating system, check the status of the following:
Make sure it is On. Enabling automatic OS image upgrades on your scale set helps to ease update management by safely and automatically upgrading the OS disk for all instances in the scale set. Learn more about Azure virtual machine scale set automatic OS image upgrades
Now, as far as the upgrade policy goes, that is for when changes are made to the VMSS model. If it is set to automatic, the instances will upgrade to the reflect the new VMSS model automatically. If it is set to manual, you will have to upgrade them manually. If it is set to rolling, it will do the updates in batches. This is outlined here: https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-upgrade-scale-set#how-to-bring-vms-up-to-date-with-the-latest-scale-set-model
Additionally, below are the latency times for Security Center scans of vulnerabilities, updates, and issues:
· Operating system security configurations – data is updated within 48 hours
· System updates – data is updated within 24 hours
· Endpoint Protection issues – data is updated within 8 hours
https://learn.microsoft.com/en-us/azure/security-center/faq-vms#how-often-does-security-center-scan-for-operating-system-vulnerabilities-system-updates-and-endpoint-protection-issues
Let me know if this answers your question.
Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer.