Coping with the New Windows Update Process
You may not like it, but you will have to adapt to Microsoft's latest update landscape.
Among IT pros, 2016 might be remembered as the year Windows Update changed forever.
It all started with Windows 10, which introduced a new servicing model based on cumulative updates rather than individual ones. The new OS also offers fewer options for deferring or delaying those updates, especially for consumers and small businesses.
And if you thought you could avoid the transition by sticking with your old Windows version for another year or two, think again. Microsoft last month changed the servicing model for Windows 7 SP1 and Windows 8.1 to match that of Windows 10 delivering a single monthly rollup with both security and reliability fixes. A separate security-only update is included, as well, but like the larger rollup, it's monolithic and individual updates will not be available.
Tools such as System Center Configuration Manager or Windows Server Update Services may let you exercise some central control over updates, but the days of manually approving dozens of individual updates each month are over.
Complain all you want, but the new servicing model for Windows is here, and the old ways aren't coming back. Here are four tips on how to cope with this change:
1. Accept that the update process won't always be perfect.
Windows is a sprawling collection of software. Include the incredible diversity of third-party hardware and services, it becomes almost unfathomably complex.
Include the pressure to quickly patch security issues before they're exploited, and you guarantee that some percentage of those updates will fail in the field. So if a 100 percent success rate is impossible, that means there's a reasonable chance one or more of the Windows PCs in your organization will have to deal with a failed update at some point.
You're perfectly entitled to feel frustration when that happens, but you should also be prepared for it.
2. Test, test, test!
Windows 7 and Windows 8.1 still offer options to defer and delay updates. With Windows 10, you have Windows Update for Business, which you can apply using Group Policy.
The ideal way to use this infrastructure is to set up your own internal testing rings. Some PCs should get updates as soon as they're available, giving you a population that you can monitor for signs that an update is potentially troublesome. Set up additional rings to receive updates only after a delay of a week or two, giving you the option to hit the pause button if a problem occurs.
3. If you see something, say something.
If your testing turns up an issue, of course your first priority is to make sure that you can prevent it from affecting a larger population. But once that task is out of the way, open a support ticket so that the issue hits Microsoft's radar sooner rather than later.
The more you pay for Windows, the more voice you have. Don't be afraid to use it.
In recent months, despite some alarming headlines, there's evidence that Microsoft can indeed respond quickly to that sort of feedback. For example, the Windows 10 Anniversary Update (version 1607) caused problems with some webcams when it was released in August, but the issue was fixed the following month. Likewise, when an issue with the September cumulative update for Windows 10 failed on some PCs, Microsoft identified the cause and issued a fix less than a week later.
Don't count on Microsoft's automated diagnostics (aka telemetry) to tell your story. Open a support ticket.
4. Embrace the change.
This isn't an arbitrary decision on Microsoft's part. There are solid engineering reasons to simplify the servicing model, especially for older Windows versions. With the aging Windows 7 in particular, the old update process was often downright painful, with update scans typically taking many hours or even days. The cumulative rollup model makes those delays far less likely.
Similarly, the demise of individual updates means you don't have to wonder whether a particular device is missing a specific update that can render it vulnerable to a security exploit. In the new world, if you've successfully installed the latest updates, you're completely up-to-date.
That's the kind of knowledge that makes it possible to sleep at night.
Ed Bott is a Microsoft MVP and an award-winning tech journalist who has covered Microsoft for 25 years. He's written numerous books on Windows and Office, including the best-selling "Inside Out" series from Microsoft Press. Bott delivers outspoken advice on a wide range of technology topics at his ZDNet blog, "The Ed Bott Report."