Windows 7 & Windows 8.1 Cumulative Patching
Many Radia users have been highlighting the fact that Microsoft is making changes to the way it releases patches for all versions of Windows going forward. The latest in the series of updates coming from Redmond can be found at:
Radia is well-equipped to handle these changes and you will have uninterrupted support for your large Windows 7 deployments with any release of Radia. We do not anticipate any changes needed to servers or agents. The key thing to understand is that the only change that Microsoft is introducing is a cumulative update instead of individual bulletins. Unlike Windows 10, there are no branches. The experience of the patching process will be similar to what you are already used to doing for Windows 7 and Windows 8.1 with the added convenience that there will be fewer updates to apply. Please note that just like in the case of Windows 10, all updates will be an all-or-nothing cumulative update that gets applied and the reporting will reflect the reduced granularity in the cumulative update.
This article has been left open for comments as we anticipate there may be follow up questions for Accelerite and the Radia community. If you have questions specific to your environment then as ever please log a support case.
Technet article 'https://technet.microsoft.com/en-us/security/mt791750' has a couple of interesting Q&A:
============================================================================
Q: I am using Microsoft Patch management software such as WSUS or SCCM. How will those tools be affected by security bulletin deprecation?
A: Microsoft Patch Management tools will be updated as needed to ensure that these tools will continue to work correctly with the new Security Updates Guide.
Q: I am using 3rd party management tools. Will there be any impact on those products?
A: We are working with companies that provide management tools to adjust their products to work with the new Security Updates Guide. Microsoft cannot guarantee that all third-party software will work in the future.
================================================================================
Please can you confirm that the patch feeds & client/server components for Radia 7.9 will still be able to acquire & deploy vulnerability patches after January 2017?
Please include in this answer information for all supported versions. (we have 9.2)
Agreed. Please provide status on this new model and where Radia Patch Management functionality sits ASAP.
If I am reading it correctly, Microsoft is changing from a BulletinID model to a KBnumber model. I would expect Radia to be able to acquire content based on KBnumber instead of BulletinID as long as the content is available via MUC, which it appears to be. I currently support KBnumber model each month for customers that do not use the BulletinID model and that should not change. I can download the same content from Security Updates Guide as the Security Bulletin/KBnumbers.
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
“The way Microsoft documents security updates is changing. The previous model used security bulletin webpages and included security bulletin ID numbers (e.g. MS16-XXX) as a pivot point. This form of security update documentation, including bulletin ID numbers, is being retired after the January 10, 2017 security update release. The new model for documenting security updates is the Security Updates Guide. Instead of bulletin IDs, the new guide pivots on vulnerability ID numbers and KB Article ID numbers.”