Automated Patching Solution in Azure
It is highly desirable to have an automated patching management solution in Azure. It is also very natural that Microsoft should provide such a native feature/capability/service in Azure, given that patch management is a critical requirement for IaaS VM Infra.
Currently we either have to patch/manage manually using native tools like WSUS/MBSA, or are forced to use commercial 3rd party solutions for automated patch management, which is not how it should be.
Furthermore, the Update Management solution currently provided by OMS is a half-baked and amateur design at best, and does not provide much of the required functionality expected from a proper patch management system. We cannot do selective patching for groups of VMs, do not have any native image rollback mechanism, have to rely on hidden automation scripts for pushing updates (which are not editable), and the like.
It would greatly help if you could post the list of issues/missing features you observed with OMS, as we are currently exploring various options for an automated patch management process.
Based on the article below, it does seem like selective patching is possible; given the timing of this post, this could've been addressed in the latest release of OMS.