While Microsoft plans to end support for Windows 10 in late 2025, 0patch comes with the promise of supporting Windows 10 v22H2 with critical security patches until 2030 and even further if there is enough demand. Fortunately, the $25-per-year or $35-per-year Pro and Enterprise subscriptions are also accompanied by a free plan.
If this lets you monitor the patch status of the end clients in your org, then it’s actually cheaper than existing solutions used for managing regular Windows updates.
The only questionable part is how reliable, trustworthy, and secure 0patch themselves are.
Allowing a third party access to patch system-level files opens the risk of a rootkit install. (In fact, their agent being able to access system would function much like a rootkit itself.)
They could easily backdoor something into thousands, or even tens of thousands, of PCs very quickly. Make a huge botnet, steal data, etc., etc.
Assuming they are trustworthy themselves, if their security is compromised, either from hackers or even a rogue employee, the same results could happen and could take a long time to discover.
You’re right - this is fucking stupid… Unfortunately, it’ll capture the business of small-time shops that don’t know better.