New Windows patch management process starts

Today Microsoft starts its new patching policy for certain versions of Windows desktop and server, promising a more consistent and simplified servicing experience. However, it means more choices for IT administrators.

The change affects Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 updates.

In a blog a few days ago staffer Michael Niehaus gave a lengthy and detailed explanation of what’s happening. Briefly, there will be three monthly releases, :

— a single update on the usual Patch Tuesdays containing  all new security fixes for that month, to be published to Windows Server Update Services (WSUS), where it can be accessed by other tools like ConfigMgr, and the Windows Update Catalog, where it can be downloaded for use with other tools or processes. This package won’t be offered to PCs that talk to Windows Update.

— a single update on Patch Tuesdays called the “monthly rollup” containing all new security fixes for that month (the same ones included in the security-only update released at the same time), as well as fixes from all previous monthly rollups. This will be published to Windows Update  for consumer PCs, WSUS, and the Windows Update Catalog.  The initial monthly rollup released in October will only have new security updates from October, as well as the non-security updates from September;

–for those who like looking ahead on the third Tuesday of the month there will be a “preview rollup” with a preview of new non-security fixes that will be included in the next monthly rollup, as well as fixes from all previous monthly rollup.

“Some small enterprise and mid-market companies rely on Microsoft management tools,” commented Jon Olsik, an analyst at Enterprise Strategy Group. “For organizations that fit this model, Microsoft patch management is a good addition as it aligns with their current knowledge and processes.  Large organizations will not find this attractive as they have built their patch management processes around different vendor technologies.”

The security-only and monthly rollups will contain fixes for the Internet Explorer version supported for each operating system, Microsoft adds.  For Windows 7, Windows 8.1, Windows Server 2008 R2, and Windows Server 2012 R2, that is Internet Explorer 11; for Windows Server 2012, that is Internet Explorer 10.  The security-only, monthly rollup, and preview rollup will not install or upgrade to these versions of Internet Explorer if they are not already present.

Administrators that use WSUS should make sure that the “Security Updates” classification in the “Products and Classifications” options page has been selected, so that the both the security-only update and monthly rollup on Update Tuesday are synchronized.  To synchronize the optional preview rollup, also ensure the “Updates” classification is selected.

Also ensure that support for “express installation files” in the WSUS “Update Files and Languages” options page has been enabled.

Microsoft says existing automatic approval rules for Windows 7 or Windows 8.1 will continue to work as is.  But since both the security-only update and monthly rollup are both classified as “Security Updates,” rules that specify this classification will approve both. Admins may also manually approve just the monthly rollup.


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now