Wednesday, August 17, 2016

Goodbye Patch Tuesday

Patch Tuesday is soon to be a thing of the past. Beginning in October, Microsoft will deploy fixes for Windows 7, Windows 8.1, Windows Server 2008 and Windows Server 2012 with a single cumulative monthly patch. This is designed help reduce fragmentation across your company’s PCs. The new system is right in the line with how updates are currently deployed for Windows 10.
From October 2016 onwards, Windows will release a single Monthly Rollup that addresses both security issues and reliability issues in a single update. The Monthly Rollup will be published to Windows Update (WU), WSUS, SCCM, and the Microsoft Update Catalog. Each month’s rollup will supersede the previous month’s rollup, so there will always be only one update required for your Windows PCs to get current. i.e. a Monthly Rollup in October 2016 will include all updates for October, while November 2016 will include October and November updates, and so on. Devices that have this rollup installed from Windows Update or WSUS will utilize express packages, keeping the monthly download size small.
Windows will proactively add patches to the Monthly Rollup that have been released in the past. Microsoft's goal is eventually to include all of the patches we have shipped in the past since the last baseline, so that the Monthly Rollup becomes fully cumulative and you need only to install the latest single rollup to be up to date. We encourage you to move to the Monthly Rollup model to improve reliability and quality of updating all versions of Windows.Microsoft is planning to add these previously shipped patches over the next year and will document each addition so IT admins know which KBs have been included each month.
It’s a big departure from the current system, under which Microsoft sporadically releases individual patches for the older platforms. That has some advantages, allowing IT administrators to selectively deploy updates as needed, but it also comes with some serious drawbacks. Under the current system, individual PCs frequently wind up with different updates installed, which causes syncing problems, boosts scan times, and ups testing complexity. Even just pinpointing the right patches before applying them can be a pain.
Here’s how the new system will work. In October, up-to-date PCs running the older platforms will receive just a single package of security and stability fixes from Windows Update, Windows Server Update Services (WSUS), System Center Configurations Manager (SCCM) and the Microsoft Update Catalog. If you delay the update in October, you’ll be prompted to install it again in November, along with another single set of patches for that month, and so on. Each month’s update will include patches for all previously-uninstalled months, from October onwards.
older updates will begin to be included in the monthly patch rollouts, dating all the way back to Service Pack 1 for Windows 7. That means that — at some point — you’ll be able to get fully up to date with just a single installation, no matter the current state of your PC.
Microsoft is allowing one exception for its new all-in-one update system, affording the ability to download and deploy security patches separately from stability fixes. That will reduce the size of the initial update needed to secure your company’s PCs as quickly as possible. Those updates will be available from WSUS, SCCM and the Microsoft Update Catalog, not Windows Update.
Servicing Stack and Adobe Flash updates won’t be included in the rollups. Microsoft will move to the same monthly rollup model for the .NET Framework in October too.
for more about patch Tuesday see on Patch Tuesday

No comments:

Post a Comment