ANALYSIS: Beginning this week, all updates will be roll-ups, with complete cumulative updates to begin in 2017, eliminating the ability to choose individual patches.
Starting this week (on Oct. 11), Microsoft will change its update method for Windows 7 and Windows 8.1, the dominant versions of Windows in the enterprise, to match the way updates are handled in Windows 10.
What this means to enterprises is that you can no longer choose specific patches from a long list of updates that Microsoft is proposing to send you. With the new approach, you must take all of an update or nothing.
The same thing is true for smaller organizations where individual users accept updates using the Windows Update application to download and install updates each month. Now, those users will see a single update file that contains all updates.
Read More: Patch Tuesday fixes zero day flaws
Windows Update changes
For enterprises using Windows Server Update Services or the Windows Update Catalog, there will effectively be three updates each month. The first, which will be released on Patch Tuesday, which is the second Tuesday of the month, will be a security-only update. A second update will also be released the same day that will include the security updates as well as updates to other features of Windows.
The following week, which is the third Tuesday of the month, will include a preview update of non-security updates for the following month. This will be listed as an optional update, meaning that the IT shop doesn’t need to install it but may choose to do so as a way to test what’s coming the next month.
Smaller organizations that use Windows Update will get the preview installed automatically. The details of how this update process will work are in an article on Microsoft’s TechNet.
Depending on your settings in WSUS, you may have both the Security Only updates and the monthly Security Quality Rollup. If that happens, the update process will only install those updates that aren’t already on the target machine. This means that if you’ve already installed the Security Only updates, then the only thing that will be installed next are the items that weren’t already included in the previous update.
Once the Windows update process for 7 and 8.1 moves to the cumulative roll-ups, there will basically be only one update for Windows, and once that’s installed, the computer will be completely updated.
This is contrasted with the process that has existed for those versions of Windows when you might need to run updates several times to make sure you got them all.
If this all sounds a lot like the update process for Windows 10, you’d be right. As Microsoft pointed out back in August, the company is doing this to make things simpler. With the old update process that allowed picking and choosing which updates to install, there were as many versions of Windows as there were people who used it.
The resulting update fragmentation was making it extremely difficult for Microsoft to roll out updates that the company would be sure would work, and it made things very difficult for technical support because it’s very difficult to know what to fix when you can’t be sure what is actually running in any given implementation of Windows.
Originally published on eWeek