On August 15, 2016, Microsoft announced a change in the update model for older versions of Windows. This change, which becomes effective in October 2016, affects Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 and mirrors the update model for Windows 10.
NOTE: This change applies to Windows operating system updates only. It does not affect non-OS patches such as Office, IE, SQL Server, and Exchange Server.
Microsoft will provide a single monthly update (referred to as the Monthly Rollup) that addresses both Windows security and reliability issues. Each Monthly Rollup will be cumulative, including all of the current month's Windows fixes plus the previous Monthly Rollups.
In addition, Microsoft will also be slowly adding individual Windows patches that were released prior to October 2016 with an ultimate goal of having the most recent Monthly Rollup include all patches dating back to the last baseline, allowing for patching of new machines with one update. This mirrors the current Windows 10 update process.
Microsoft also stated that security patches will be combined into a separate update (referred to as the Security-only update) each month. Unlike the Monthly Rollup, the monthly Security-only update includes only the security patches released that month. This provides a smaller-sized update for machines that require security fixes but not reliability fixes.
ZENworks Patch Management Support
ZENworks Patch Management will continue to provide Windows updates in the same manner that Microsoft provides them.
Beginning with the release of Windows 10, ZENworks Patch Management has supported the Windows 10 patching model. The latest change by Microsoft basically applies this same Windows 10 model to Windows 7 SP1, Windows 8.1, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.
In all cases, we recommend 1) installing the Monthly Rollup to get the latest Windows security and reliability patches, 2) installing any individual Microsoft non-operating system patches, and 3) installing any third-party patches.
Be aware that the Monthly Rollup is treated as one update, meaning that all patches included in the rollup are applied regardless of the Impact criteria (Critical, Recommended, Informational, or Software Installer) you established for applying patches in your system. If desired, you can use the Security-only update to limit updates to the most critical patches.