Windows as a Service: Keep Windows 10 Up-to-Date

Windows as a Service: Keep Windows 10 Up-to-Date

With Windows 10, Microsoft intends for organizations to treat the operating system as service, similar to Office 365. Windows 10 will follow a quick release schedule, similar to what Apple has been doing for the last few years. There will be major updates to Windows 10 coming out every 6-8 months. Keeping these systems up-to-date will be a challenge, and will probably require a realignment in processes.

Windows 10 builds

As stated above, Microsoft will release major updates to Windows 10 every 6-8 months. The process will like this. First, engineers at Microsoft will test new builds, almost daily. Then, updates will be rolled to Microsoft employees for validation. Next, builds will be released to those in the Insider Preview program, on either a fast or slow ring. This group is several million people, so here is where the real testing occurs. After they have it for 4-6 months, it will be released to machines in the Current Branch. After 4-6 months there, it will be released to Current Branch for Business machines.


When Should I Apply Updates?

Microsoft recommends keeping users in all three release rings. Your operating system deployment and application engineers are prefect for the Insider Preview Branch. You should keep this ring to only a handful of people, as this ring is technically trying beta versions of Windows. Those in this ring will also get frequent updates that require as much as 30 minutes to an hour to apply. There are also two subrings to this ring – fast and slow.

Next is current branch. You should apply this branch to 10%-15% of your devices. When major updates get to this level, they have been vetted by millions of users, so it should be fairly stable. This pilot group will ensure that your business applications have no issue. That four-month pilot phase is a pretty good estimate of the amount of time for this phase.

Next, the rest of your devices should be in the CBB ring, and get the updates after they have gone through the other two rings.


How do I Set this Up?

The next versions of SCCM and WSUS will have controls for assigning the CB and CBB rings to devices. We don’t know what that will look like yet, only that it will be there. The Insider Preview version is set from the update settings on the individual device.

These upgrades will be delivered via Software Updates or WSUS. You can consider these upgrades as your typical in-place upgrade. As long as you permit them, users, for 30 days, will be able to roll their installation back to the previous version if they have problems with the new update.

Typical Patch Tuesday Scenario with Windows 10

Patch Tuesdays with Windows 10 will be much easier. Microsoft, every month, will release one (or two) updates. There will be a single update containing security, bug, and reliability fixes. That’s it. Sometimes there may also be a platform update, but that’s still only two updates every month that you have to deploy. These updates are also cumulative, so if for some reason a device missed September’s update, there will still only be one (or two) updates in October. The September update is included in the October update.

Long Term Servicing Branch

I make no mention of this branch in the update structure for Windows 10. Basically, the LTSB version will be like previous releases of Windows. New versions will come out every 2-3 years, and have the same support level as previous versions of Windows (five-year standard support, five-year extended support). This version is only intended for highly critical systems that cannot change, such as ATM’s, medical equipment, and nuclear reactors.

Summary – Why Windows as a Service? (and why would I not just do LTSB)

This model will affectively end costly operating system upgrades. The days of your Windows XP to Windows 7 migration are over with this model. There is no more wipe and reload every system in your organization.

That is also why you do not want to do the LTSB version, unless absolutely necessary. Upgrading between LTSB versions will be wipe and reload migrations.



Contact Us

On Key

More Posts

WME Cybersecurity Briefings No. 005
Cyber Security

WME Security Briefing 15 April 2024

E-Commerce Security Alert: Unveiling Magecart’s Persistent Backdoor Overview Malicious activities by Magecart attackers have been reported. They are targeting Shopify’s content delivery network (CDN) by creating fake Shopify stores. The backdoor method has enabled them to

Read More »
WME Cybersecurity Briefings No. 004
Cyber Security

WME Security Briefing 11 April 2024

Mispadu Trojan Exploits Windows Vulnerability to Target Financial Data Overview The Mispadu banking trojan has intensified its operations as it’s exploiting an already patched Windows SmartScreen flaw. Since its initial identification in 2019, Mispadu has primarily preyed on

Read More »
WME Cybersecurity Briefings No. 003
Cyber Security

WME Security Briefing 29 March 2024

Russian hackers escalating their cyber warfare, deploying TinyTurla-NG to breach European NGOs. Cisco Talos reveals a targeted attack against organizations advocating democracy and supporting Ukraine. With their sophisticated methods, these cyber attackers are bypassing antivirus defenses

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.