MS has released guidance on the new update release process starting this month which will affect the following products:
ü Windows 7 SP1
ü Windows 8.1
ü Windows Server 2008 R2
ü Windows Server 2012
ü Windows Server 2012 R2
ü Internet Explorer
From OCT’16 onwards, following update types would be released each month instead of traditional individual patches:
|S. No||Release Date||Type|
|1||2nd Tuesday||Security-only quality update|
|2||2nd Tuesday||Security monthly quality rollup|
|3||3rd Tuesday||Preview of the security monthly quality rollup|
ü Ensure “Security Updates” classification in the WSUS “Products and Classifications” or “Software Update Point” properties for the site is selected.
ü Ensure that you have enabled support for “express installation files” in the WSUS “Update Files and Languages” options page
ü Security-only update and monthly rollup are both classified as “Security Updates”, ensure your validate your Automatic approvals and Automation Deployment rules in WSUS and Configuration Manager.
ü Define, document and test roll-up un-install procedure.
ü Utilize Peer to Peer technologies to help distribute the updates.
ü Sign-up for Microsoft SUVP.
· In case of issues, the complete roll-up patch needs to be uninstalled.
· Roll-up patches contains the complete update package for the current and previous month, and may affect the network bandwidth. Therefore, plan and deploy accordingly.
· Express Installation File option isn’t applicable to Configuration Manager, therefore client will download the complete roll-up package and may impact the network bandwidth.
Microsoft has Security Update Validation Program which allows customers to test the updates before the general release. You may find more details in the below mentioned article under “The common concern: What if an update causes an issue?” or you can get in touch with the Microsoft TAM.
Microsoft Security Update Validation Program:
For more details, please check the below mentioned blog link: