There are a lot of vague announcements and a myriad of conclusions from security experts and the media regarding recent Microsoft news about the upcoming release of Windows 10 and the introduction of Windows Update for Business. What’s actually happening?
Microsoft has been making some much-needed changes to its development teams over the past year. It has announced a new quarterly release schedule that product development teams are being moved to. It is also working to simplify the complexity of supporting updates for their products. The proposed changes will allow development teams to work toward quarterly releases and launch when prepared. The cost of holding onto code, once tested and ready to ship, is very costly.
What do these changes mean for me as a user? Many of the applications you rely on will start to deliver usability and new-feature changes more quickly. Office 365 is a good example of the future of application delivery from Microsoft. New features can be delivered more frequently and users will be able to consume those changes much quicker, bringing this experience in line with what we have come to expect from our mobile devices. The operating system and server solutions, like SQL Server, Team Server, SharePoint Server, etc., will likely be slower to move to these quarterly release schedules and remain for longer periods of time on the Patch Tuesday cadence.
With Windows 10, Microsoft is introducing some changes to the way updates will be delivered to systems. It is also introducing new features into what will now be known as Windows Update for Business. The new features will allow businesses to control the speed at which updates are rolled out to their systems.
One of the most significant changes will be the update rings. There are different tracks that you can opt into that will give you more control over how fast updates are delivered to your systems.
Between announcements earlier this year, and additional announcements at the Ignite 2015 show, there will be three or more rings that you can configure in WUB. A Current Branch and Long Term Service Branch have been confirmed, but, at Ignite, a Ludicrous Branch was also announced, which would push updates at a cadence similar to its namesake.
Windows 10 Home editions will be limited on options to control what updates are applied to their system. The home-user editions of Windows 10 will update fairly quickly. This is the Current Branch. Current Branch receives new features, fixes and security updates as they release to Windows Update. For the majority of Home users, this will be an ideal experience.
Windows 10 Professional editions will have options for Current Branch or Current Branch for Business. The additional CBB allows businesses more flexibility about when the new features, fixes, and security updates are applied to their systems. Companies that use Microsoft¹s free Windows Update for Business (WUB) or Windows Server Update Services (WSUS) will have the ability to defer new feature updates for Windows 10 for a period of time. Microsoft will maintain the current, and a previous branch, that these customers can reside on for a period of time without taking the feature changes. After the next branch is started, the previous branch stops receiving security updates, forcing these companies to move to the new-current or previous branch. Details on how long before companies would be forced to update have not been officially announced.
For those companies on Windows 10 Enterprise, there will be additional options available. These customers will have the ability to mix and match CB and CBB, but will also have access to a Long Term Servicing Branch. This branch allows companies to take only security fixes and defer new features and fixes of a non-security nature.
Enterprise customers will be able to utilise all branches to suit the needs of systems in their environment. The Current Branch is for groups of users that have low risk of being impacted by new features and changes. The Current Branch for Business group may contain users with more specific application needs that may be sensitive to new features, changes and behaviour. The CBB gives IT more time to accommodate those changes and educate users or respond to issues. The Long Term Servicing Branch is ideal for servers and other critical assets which need the security updates, but also need more control over what changes occur on the system.
Want more detail? There is a really good FAQ on the Microsoft Community which included much of the details described above.
So is Patch Tuesday dead? According to a Microsoft spokesperson, “Windows Update for Business can take responsibility for the timely distribution of security updates for customers for free. Customers that choose to distribute updates themselves (or through a Patch Management Vendor) will continue to receive the updates on the 2nd Tuesday of the month.” For consumers, Patch Tuesday is a non-issue as their system will apply updates as they arrive, similar to their mobile device experience. Some of those may come on Patch Tuesday, but others will come as they are released. For Pro and Enterprise customers utilizing WUB, WSUS, or SCCM, security and other updates will still arrive on the second Tuesday of the month, giving them predictability and control over what gets rolled out to their environment.