Patch Tuesday is now CU Tuesday - Now What?

[MagnumVP]

Now that Microsoft is no longer proving a patch-by-patch Tuesday and is an All-In-One Package, how is that handled within SCCM12?

 

I followed the guide outlined on this site (BEST GUIDE EVER), so do I need to change anything or will the patches stop working until i modify the requirements and criteria?

 

What's everyone else doing with these CU patches?

[eazygoins]

I came here searching about this questions as well.

[Rocket Man]

Maybe this can help, lots of questions and answers, so I presume this is related to SCCM managing WSUS also

 

https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/

 

 

This only takes affect from this month so it will be good to see what the ADR pulls down this patch Tuesday!

[YPCC]

Id imagine not much changes in the way of deployment. Instead of multiple patches, youll get 1 patch. If you need to roll back, the whole patch has to come off.

 

Not sure how a ADR will react though.

[Rocket Man]

I suspect if you have a windows 7, windows 8.1 filter and superseded NO filter it should pull down the relevant cumulative update for that cycle.

It sounds like it will be easier to manage and systems will be much easier managed in relation to update compliance but granularity is adios, you either install the cumulative update with all updates embedded in it or you don't. No rolling back certain updates you have to uninstall the cumulative convenience update as a whole.... time will tell

[Rocket Man]

Here is more relevant information on the topic.

Looks like the ADR will have to be adjusted if only wishing to deploy Monthly Rollup which does contain the security updates!

 

 

Since all the new security fixes for a given month are available in both the security-only update and the monthly rollup, it’s important to understand the behavior that may been seen if you deploy both updates in the same month.

For example, assume you approve and deploy the security-only update and the monthly rollup that are both released on Update Tuesday (a.k.a. “Patch Tuesday,” the second Tuesday of the month). This isn’t necessary, since the security fixes are also included in the monthly rollup, and it would generate additional network traffic since both would be downloaded to the PC. But what would happen? It depends on the installation sequence:

• If the monthly rollup fix installs first, the security-only update would then no longer be applicable to the PC, since the entire content of that security-only update would already be installed.
• If the security-only update installs first, the monthly rollup will still be applicable as it contains additional fixes (both non-security fixes and older security fixes) that are needed by the PC.

Depending on the management tool you are using to deploy these updates, this may be represented differently in the compliance reports provided by those tools.

As long as you install one or the other (security-only update or monthly rollup), the PCs will have the needed security fixes released that month.

 

EDIT:

More on the dotNET Reliability Monthly Update