Microsoft Windows 10 supportability statement
With Microsoft Windows 10, Microsoft introduced Windows as a service, stating it will simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers. With these changes come new considerations for managing your Windows updates. To better understand these methodologies, see the Microsoft articles on Deployment Rings and Servicing Channels.
Windows as a Service patching concepts
Beginning in October 2016, Microsoft began releasing cumulative updates, a concept that deploys a single update containing all updates that in the past were delivered as separate KBs. This ensures more consistent patch delivery and system security, as well as feature parity within the Windows 10 environments worldwide.
The following patch types are released monthly:
- Security-Only updates, a single patch that includes all security patches for this month. These patches are released via WSUS and the SCCM. They are not available via Windows Update. They provide value to enterprises that require security, but do not wish to adopt new features. These are non-cumulative updates. When leveraging Security-only updates rather than Monthly Rollups, each month’s update must be installed to remain fully patched and secure. These patches are released under the Security classification.
- Monthly Quality Rollup updates, a cumulative monthly patch released to WSUS, SCCMand Windows Update. If a patch is missed, installing the next month’s patch will bring the system fully up to date of all Security and Feature Updates. When installing the Monthly Quality Rollups, Security-Only updates are no longer necessary. We have seen these patches released under Critical, Security or Updates classification.
- Preview Monthly Quality Rollup updates, a cumulative monthly patch released to WSUS, SCCMand Windows Update. This patch includes new non-security fixes and features for the upcoming month’s Monthly Quality Rollup update. These updates are released under the Updates classification.
- Windows Feature upgrades, released twice per year, provide OS upgrades and new features. Unlike previous models of releasing Service Packs, or completely new Operating Systems, Microsoft is now releasing Upgrades directly via WSUS, SCCM and Windows Update. Although these updates are large, this has the benefit of simplifying seamless delivery of new features to devices. These updates are released under the Upgrades classification.
The Patch Management SolarWinds Engine (included from Agent 10.8.0 RC) leverages Windows Update’s APIs and Windows Update Agent to retrieve lists of necessary Microsoft patches for devices, as well as installation/removal purposes. Relying on these components ensures product stability and robustness by leveraging Microsoft certified applications to complete patch delivery and security. This also ensures compatibility with future OS updates and third party components.
The Patch Management SolarWinds Engine fully supports the approval and scheduled installation of Security-Only, Monthly Quality Rollups, Monthly Preview Rollups and Windows Feature Upgrades.
Where enabled, the Patch Management SolarWinds Engine will set Windows Update in administration mode and giving you complete control of patches available for your current Windows 10 version during its lifecycle.
Microsoft has not released Security-Only updates via Windows Update, yet the Patch Management SolarWinds Engine is committed to offer the most compelling RMM technology available. The Patch Management SolarWinds Engine has been updated to pull Security-Only information directly from the Microsoft Catalog, to allow our partners full flexibility in their patch and security delivery.
The Patch Management SolarWinds Engine supports patch supersedence. In addition, Microsoft has omitted patch supersedence data from Security-Only updates and Monthly Preview Rollups. The Patch Management SolarWinds Engine has enhanced its engine to create appropriate relationships between these patches to ensure simplified and accurate reporting to your customers.
The Patch Management SolarWinds Engine supports the deployment and installation of Windows Feature Updates, released twice per year. Microsoft having simplified the release of OS Upgrades via Windows Update, puts the IT Pros in the driver’s seat, leveraging simple and efficient, automated scheduled deployments of Windows Feature Updates. The Patch Management SolarWinds Engine enables you to easily control deployment of the latest Windows Feature Update available to your current operating system. It is recommended that Windows Feature Updates be applied before the end of their lifecycle, otherwise Microsoft may eventually install updates depending on the servicing channel and patch deferment options in place.
The ability to defer updates is restricted to Windows 10 Pro, Enterprise and Business devices only. Windows 10 Home users will receive updates as they become available via Windows Update and are not supported by the SolarWinds Engine Patch Manager.
The Patch Management SolarWinds Engine strives to remain at the forefront of RMM patch management technology, embracing new concepts, delivering functional and efficient patch automation while adopting and adapting to new trends as quickly as possible.
Please note that we are not responsible for the content of external sites.
What do you want to do?
- Go to the Quick Start Guide - Patch Management