Updated Windows Updating/Servicing Guidance (from Ignite 2015)
Windows servicing; the process of managing updates to Windows, has finally been documented, per the following presentation from Ignite 2015:
If you care about the topic of Windows updating/servicing, this is the presentation for you. This presentation is all about current Windows (client & server), but NOT Windows 10. There are some topics discussed for Windows 7 and Windows Server 2008 R2. Windows 10 strategies were covered at Ignite in other presentations.
NOTE: I want to point out that I am NOT a member of the Windows PG, I am a Platforms PFE in Microsoft Premier Services. All of the information in this blog post, is what was discussed in the Ignite presentation. The OFFICIAL bottom line on all these topics will come from the authoritative blog: Windows for IT Pros .
IMPORTANT: None of this information changes any guidance on security updates. Security updates should be applied as soon as possible, within existing change management processes for the enterprise. Microsoft guidance on security updates and other related topics is available at this location:
Windows Updates: Categorization Processes
- Since Windows 8, Microsoft has released updates that are NOT categorized as "Critical" or "Important", those updates are released with status "Optional". This included most, if not all of the previous monthly Windows 8x/Server 2012x rollups.
- Optional updates are discovered and installed by a relatively small percentage of users around the world that are Windows Update clients.
- Keeping the updates as Optional (at first) provides time to discover and correct problems before those updates are promoted to status Recommended or Important.
- Microsoft would like to have more customers not only try Optional updates as soon as possible, they would like customers to opt-in to the Customer Experience Improvement Program (CEIP) so their computing devices can send telemetry back to Microsoft, including how those update installations went.
- Having IT Pros and enterprise customers sending telemetry on Windows updates, further aids in evaluating overall product quality with patches. The enterprise segments are very important with Windows updates because the enterprise environments have different environments than consumer devices, and thus can help uncover issues that may not be discovered otherwise until deployment.
Hotfix Deployment Guidance: Then and Now
- The text in today’s hotfix KB articles says don't apply this hotfix unless you experience this particular problem. Microsoft is changing the guidance on hotfixes and Optional updates to say “don’t wait to experience blue-screens, hangs, or data corruptions issues if there is a fix available that could correct these today”. Proactively evaluate available fixes, whether Optional or hotfixes, as those fixes are in fact tested more stringently than in the past. Problems such as bugchecks, hangs, or data corruption, are not problems you should wait to experience.
- Problems such as bugchecks, hangs, or data corruption, are not problems you should wait to experience.
- Microsoft is changing guidance to say, "Deploy Hotfixes Proactively", especially bugchecks, hangs, and data corruption, maintaining strict testing standards, etc.
- Microsoft will be updating hotfix KB articles to reflect Microsoft's updated Windows updating/servicing guidance.
Optional Update Guidance & Other
- Microsoft would like to get telemetry from Optional updates from IT Pros which will help update quality and be a determinate for promotion to Recommended or Important.
- Once an update appears in WU as "Recommended", that particular fix has been installed/deployed to millions of Windows devices already, so has been vetted to some degree.
- Going forward, Windows updates listed as Recommended, Optional, or Important will be published as "one fix, one package".
- Microsoft wants all customers to proactively install updates to help overall product quality.
- The bottom line: Microsoft would like customers to proactively install available updates, not just security updates. For the enterprise, this would mean introducing Optional updates into the change control process as soon as they are released, for eventual rollout to the production computer systems.
What about those Rollups?
- Rollups are a single package with multiple fixes
- Up until December 2014, Windows 8x/2012x had "monthly rollups". At least for now, no more monthly rollups.
- There may be from time-to-time., cumulative "convenience rollups" (not a technical term). These provide a way to get current with all fixes by applying one package.
- Moving forward, HOTFIXES will be published to the Windows Update Catalog (no timeline specified). Therefore these can be relatively easily ingested into Windows Server Update Services, for enterprise deployment.
- There WILL BE A ROLLUP FOR WINDOWS 7 & WINDOWS SERVER 2008 R2 (no timeline specified).
That last part if fantastic for those still running Windows 7 and/or Windows Server 2008 R2.
Thanks for reading!
Robert M. Smith, Senior PFE
Microsoft Premier Services