New Windows 7/8.1 Patching Process Rolls Out Next Week
Monthly cumulative updates are coming.
Windows 10 is much different than Windows 7 and 8.1. But one way it will be the same, starting next week, is the patching method.
On Oct. 11, Microsoft will start issuing monthly cumulative updates to Windows 7/8.1. The company announced this coming monthly "update rollup" model back in August, which will deliver updates to those operating systems in a way that's similar to the update model of Windows 10. The monthly updates to Windows 7/8.1 will arrive on the second Tuesday of every month, known as "patch Tuesdays."
Software patching can be tricky, especially when organizations run multiple home-grown applications and commercial software from different vendors. On a practical basis, IT pros can sometimes see when something went wrong after a Windows update has been installed, and it's been the case that removing an individual patch has often worked to set things straight.
However, in a follow-up to its announcement of the new update process for Windows 7/8.1, Microsoft blamed this sporadic application of patches as the cause of IT woes, not its salvation. It's the fully patched Windows computing environments that don't have such problems, Microsoft suggested. And after Oct. 11, if there are patch problems for Windows 7/8.1 users, then blame should be cast toward Microsoft's software vendor partners, Microsoft contended.
For an overview of Microsoft's "Windows 10 as a service" model, see this Microsoft TechNet article. It also floats the idea that partially patched systems are the cause of organizational problems. The concept is illustrated in this figure from the article:
Doubtless, such claims are cold comfort for IT pros. The idea of avoiding the Windows 10 update model by sticking with an earlier Windows OS will just go away after Oct. 11. Going forward, if an update causes problems, IT pros will have to roll back to the previous month's update rollup to avoid what might be a problematic patch.
Windows 10 Update Model
Microsoft hasn't exactly been clear if all of its rather complex update schemes associated with Windows 10 exactly will apply to Windows 7/8.1 after Oct. 11.
In a nutshell, Windows 10 has three update types, as pointed out by Stephen Kleynhans, vice president of the Mobile and Client Computing Group at Gartner Inc. The OS has monthly security fixes, monthly quality updates (that are also delivered as needed) and feature updates that get released once or twice a year.
Microsoft has so-called branch releases ("current branch" and current branch for business") for Windows 10. However, they only apply to the feature update releases, Kleynhans noted via e-mail on Monday.
"The CB and CBB phases only apply to Feature Updates and don't play into the discussion of Security fixes and Quality updates," he stated.
Michael Niehaus, a Microsoft senior product marketing manager for Windows, has pointed out in a Patchmanagement.org list-serve post that CB releases are designed so that organizations can test Windows 10 releases about four months before a CBB gets released. It's the CBB release that should get deployed in a production environment, according to this scheme.
That's the recommended process for Windows 10 patching. But sometimes Microsoft's Windows 10 patch releases had have had problems, even though they are vetted in advance by a Windows Insider testing program.
Windows 7/8.1 Patch Prospects
So what about the Windows 7/8.1 patch process after Oct. 11? Will it be a patch apocalypse for IT pros? Kleynhans expressed some doubts on that score. However, IT pros used to doing things the old way will have to roll up their sleeves a bit. And they'll have just four weeks to get patch problems addressed after a Windows 7/8.1 update rollup release.
"I think the risks with Windows 7 are pretty low," Kleynhans said. "At this point, Windows 7 is pretty worn in and it's unlikely fixes will bring too many surprises. Customers who are concerned can defer updates for up to 4 weeks to give the marketplace a chance to sort though and identify glitches. The key will be that enterprises need to set up ongoing processes that are continually assessing and validating new updates, and when an issue is encountered, have well-defined escalation processes with vendors or developers. Skipping patches isn't a great alternative."
This point of view is outlined in a September Gartner report by Kleynhans and Michael A. Silver called "Update Windows 10 Migration Plans to Reflect Changes That Occurred in the First Year of Release." The report suggested that IT pros should do advance testing and become more process oriented to deal with Microsoft's patch release cycles.
It's get-with-the-program kind of advice. However, Windows 7/8.1 holdouts won't have many alternatives after Oct. 11.
Kleynhans wasn't unsympathetic to IT pro dilemmas under the circumstances, especially given the quality of recent Windows 10 releases.
"There have been some rough spots in the last few months and Microsoft can certainly do better," he noted, regarding Microsoft's Windows 10 update releases. He suggested that organizations could get proactive by participating in Windows 10 preview programs as a sort of early warning approach.
"Microsoft is previewing security and quality fixes in the month prior to them being included in the cumulative update so enterprises can get some early access, and companies should have that as part of their process," Kleynhans said.
It's still a bit early at this point. The Windows 7/8.1 update process could see some adjustments, Kleynhans suggested. "But cumulative updates solve more problems than they create for the majority of users," he contended.
Windows 7/8.1 Sales Going Away
One other limitation noted in Gartner's report is that sales of new PCs with Windows 7 and Windows 8.1 preinstalled by original equipment manufacturers will be going away next month. OEM sales will end on Oct. 31, 2016, according to Microsoft's lifecycle fact sheet.
It's still possible for volume licensing purchasers to use downgrade rights on new Windows 10 hardware, though, since Microsoft recently reinstated Windows 10 support for Intel Skylake machines. However, machines with newer processors will only be supported on Windows 10, going forward.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.