Newsletter Archives

  • Tell me again – how is the “new” Win10 updating method better than the old one?

    Many of you know that I’ve been scratching my head about the announcement that the emperor has new… er, that Win10 1703 is getting a new layer of patches.

    I’m still scratching.

    InfoWorld Woody on Windows with special thanks (once again) to Susan Bradley.

  • Just when you thought it couldn’t get any more complicated, Creators Update gets a new kind of patch, KB 4016240

    Microsoft just released another patch for Win10 Creators Update. KB 4016240 brings the 1703 build number up to 15063.250.

    That’s quite normal for a new version of Win10 – we commonly get multiple updates for the first month or two.

    What’s abnormal – has me bamboozled – is the explanation surrounding the patch.

    If I read Michael Niehaus’s post on the Technet blog correctly, this is the first of the “new update options for Windows 10, version 1703.” Which is also fine — but I don’t understand what’s “new” about it. KB 4016240 apparently lacks any security updates, but KB 4016251, build 15063.13, didn’t have any security updates either. At least, there aren’t any documented.

    Many Win10 cumulative updates don’t have security patches. In fact, just thumbing through the list the only cumulative updates with security patches that I can find were released on Patch Tuesday. Look at KB 4016635, released on March 22, for example. Win10 patches with no security updates are quite common.

    Niehaus notes that the Insider Release Preview ring (which has always raised my blood pressure) will get new non-security updates first. Then the non-security updates will get rolled out to the normal update process later. (Today’s the first example of that.) Then, presumably, the non-security updates will get rolled into the regular cumul

    ative update that frequently appears on Patch Tuesday.

    (Except, if you look at the history, many Win10 cumulative updates don’t appear on Patch Tuesday.)

    Niehaus says:

    These additional cumulative updates will contain only new non-security updates, so they will be considered “Updates” in WSUS and Configuration Manager.

    Which, to me, is an oxymoron.

    Poster thymej explains:

    if its said these patches will contain only new non-security patches, how then can it be cumulative? Cumulative contains new and old, right?

    I don’t get it. Anybody out there have a Win10 Patch Babel Fish?

    Martin Brinkmann has a description on gHacks, but I’m still scratching my head. Maybe I’m just being unusually dense today.

    Peter Bright has an explainer on Ars Technica. He says the new cumulative non-security update contains “all the non-security fixes released for a given version.” I’m scratching my head again. He says, “This split packaging (and split classification) should make it easier for organizations to, for example, deploy Security Update very quickly but hold the non-security portion back so that it can be more thoroughly tested and validated.” — which makes sense, but why would we want the non-security updates early (but after the Preview ring)?