I’ve complained many times that Microsoft’s Windows as a Service (Waas) scheme is broken, that Windows 10 is simply too complex to service it as if it were an online service.
Microsoft disagrees. In fact, they seem hellbent on proving me wrong. And the firm just announced that they are accelerating the delivery of updates, in a move that will most adversely impact businesses, especially larger enterprises, its most conservative and update-adverse customer type.
And that’s pretty much Microsoft’s attitude about Windows 10 and updates, folks. Remember how we used to do things? Yeah, we’re not doing that anymore.
“With Windows 10, we simplified the servicing process by moving to cumulative updates [which] are released on the second Tuesday of every month,” Microsoft’s Michael Niehaus explains. “Based on feedback from customers … we will [now] routinely offer one (or sometimes more than one) additional update each month.”
Now, to be fair to Microsoft, the story is a bit more nuanced than is suggested by that carefully edited quote you see above. As it turns out, not all updates are created equally. Or something.
Those monthly “Patch Tuesday” cumulative updates always include security updates as well as non-security fixes, so they are classified as “Security Updates” in Windows Server Update Services (WSUS) and System Center Configuration Manager (SCCM), the Microsoft tools that enterprises and other businesses use to configure how and when their user bases receive updates. Security Updates are more serious than non-security updates, and those cumulative updates are always reboot experiences, which is also disruptive.
The addition one or two updates that Microsoft will ship each month going forward will not contain security fixes, and they will not be cumulative. That means it’s possible that these updates will not require reboots, I suppose. But they are considered less serious as a result, and are classified as “Updates” in those Microsoft software deployment tools.
That said, updates are updates. And even Microsoft is admitting that it may choose to escalate things as needed.
“We may occasionally identify non-security fixes that address more critical issues that could be affecting organizations,” Mr. Niehaus notes. “In those rare cases, a cumulative update would be considered as ‘Critical Updates’ in WSUS and Configuration Manager.”
Yes, “Critical Updates” are serious and will always require a reboot. But they are still different from Security Updates because they can be deferred along with normal (non-security) Updates in WSUS and SCCM.
Long story short, businesses of all sizes now have a lot more update opportunities to worry about each month, and will have to plan accordingly.
End users like you and me are pretty much screwed: We’re just going to get more updates. In fact, we got one yesterday: Microsoft released a (non-security) Update called KB4016240 to Windows 10 version 1607 on Tuesday. Huzzah!