Microsoft Set To Change Once A Month Security Update Process

As part of the upcoming Windows 10 Pro and Windows 10 Enterprise releases later this year Microsoft intends to change how often such systems receive security and non-security updates.

Rather than having security updates delivered on the second Tuesday of each month (i.e. the current process), Windows 10 devices in corporations can be placed within a Long Term Servicing branch (for mission critical devices, which will receive only security updates, no changes in functionality). In addition, less critical systems can use the slow and fast service “rings” to receive both security and feature/functionality updates.

Thus IT departments can control the flow of updates to all devices in their network according to the above mentioned device priorities. This will include options to specify that devices cannot be updated at the end of a month (to avoid interfering with month end business processes), cannot be updated during the day or during the night (depending on your priorities/preferences to avoid any disruption associated with patches being installed). At this time only the slow and fast “rings” have been mentioned but additional “rings” are thought to exist but no further concrete details are yet available.

Also included in the changes with Windows Update for Business will be peer to peer updates that will allow more efficient and faster updating for business branch offices that have lower bandwidth connections. Consumers meanwhile will have a choice of slow or fast “rings” to receive both security and feature/functionality updates.

While the above changes will mean that security updates will be delivered faster to Windows 10 users it’s unclear whether the current Update Tuesday process of updating will remain for Windows Vista, Windows 7 and Windows 8.0/Windows 8.1 (and all of the Windows Server equivalent of these versions). However it would seem likely that the existing update mechanisms will remain the same for non-Windows 10 operating systems.

Whether the new updating approach is used in a corporate or consumer environment; personally I would choose the slower “ring” in order to ensure all updates can be tested before being made available more widely to all of your devices (i.e. as close as possible to the current patching schedule). While I’m in favor of faster updates, there should not be a trade off in stability in exchange for the speed of updating. I believe only 1 to 2 days should be necessary to determine if any updates are going to cause issues in your environment.

It will be interesting to learn more about this new update approach when Windows 10 is made available since at this time, details are scarce.

The new update process was mentioned by Terry Myerson, Executive Vice President of the Windows and Xbox Group in the Microsoft Ignite Day 1 Keynote (begins at 02:20:23 ) in this Channel 9 video.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s