Microsoft rejigs Patch Wednesday with new update structure

Windows administrators will have new patching options from this Wednesday as Microsoft drastically changes how it provides monthly security and operating system fixes.

As part of Microsoft's new roll-up model for updates, the company said it will now release three tranches of patches every month.

The new update structure applies to Windows 7 Service Pack 1 and 8.1 as well as Server 2008 R2 and Server 2012 R2. Microsoft said the changes will bring "a more consistent and simplified servicing experience".

A security quality update published only to the Windows Server Update Services (WSUS) - not Windows Update - will contain all new security fixes for the current month. 

Microsoft will provide a security monthly quality roll-up, published to Windows Update, WSUS, and the Windows Update Catalogue, containing all new security fixes for the current month, and patches from all previously monthly roll-ups.

Microsoft's new Patch Wednesday release structure.

Both will be released on Patch Wednesday. Microsoft refers to them as "B Week updates".

A preview of the monthly quality roll-up that contains non-security fixes - to be known as "C week updates" - will be published to WSUS, Windows Update and Windows Update Catalogue. This will be available on the third Wednesday of every month, not the second as is the case with Patch Wednesday.

In terms of update strategy, Microsoft said administrators now have several options for updating Windows 7 and 8.1 computers.

The company's preferred model is for all security and non-security fixes to be installed as they are released. Admins can also decide to install just the security fixes and nothing else, or add some non-security patches to the mix.

Organisations concerned about potential problems caused by patches can participate in Microsoft's security update validation program (SUVP). This lets them test and validate updates before they're publicly released, with "ringed" deployment in one or more pilot groups.