WaaS demystified – Part 2 – Windows 10 Updates

Previous blog: Windows as a Service Demystified – Part 1 – Introduction: What is WaaS.

Once you have installed Windows 10 for the first time on a device (it may have come pre-installed for you when you purchased it), Microsoft will support the Windows 10 installed build for a specific duration depending on the installed Windows 10 edition and build number. Before reaching the end of that period, you will either have to re-install Windows 10 from scratch with the new build number or simply update it – just as you would for a regular security patch – with an update called a Feature Update.  

I briefly mentioned in the introduction of this blog series that you need to install the Feature Updates if you want to stay current with Windows 10 builds.  I also stated that you still would have to patch your client OS with monthly Quality updates.  Feature and Quality updates are what Microsoft calls ‘Servicing’. In other words, they are the 2 update categories of updates to make your Windows 10 device updated with new features, with security patches and bug fixes. But what are they exactly and how are they the same and/or different?  

  1. Feature updates 

Feature updates are the new features that are added or modified to (sometimes even pulled out from) a new Windows 10 Build. In essence, Windows 10 gets better with each feature update by adding more tools for IT and/or making the end user experience and productivity better.  For example, Windows 10 1511 (I know that’s old 😊) saw the “Mail, Calendar, Photos, Maps, Groove and Skype” features added.  Whereas the 1703 build had Hyper-V, Paint 3D, Windows Insider Program for Business, etc.  These are to name just a few for those builds and there are not just new tools, sometimes they include “cosmetic” improvements to provide a better experience with the interface (such as the “Night Light” feature added in build 1703). As of this writing, you can view build 1909 features: 

  1. Quality updates 

Quality updates are your security updates and bug fixes. These are critical to the security of your Windows 10 devices and they are cumulative which means that as soon as you apply 1 Quality update (even if you haven’t for 3 or 4 months straight), your device is 100% fully patched.  However, after a feature update, quality updates grow in size each month to meet the “fully patched” requirement. They may start at 100 to 200 Mb a month after a feature update but, 6 to 8 months down the line, they may grow to be 1 to 1.2Gb. So, Microsoft designed 3 different update types of which one has been recently deprecated: 

  • Full Update: Also called the Latest Cumulative Update or LCU, it has all the necessary components and files that have changed since the last feature update. 
  • Express Update: These will generate differential downloads for every component in the full update based on several cases. Let’s say the last LCU was in January and it contained an update to the autopilotdiag.dll.  The express update for February will have the differential for all autopilotdiag.dll changes from October to November, November to December, December to January and finally January to February.  A device that’s leveraging express updates will download what is needed only and not the entire LCU but just the differential since its last LCU. 
  • Delta Update (deprecated since 1809): Delta updates would only install if a device already has the previous month’s update installed. So, if autopilotdiag.dll changed in January but not Calculator, then only autopilotdiag.dll would get updated and not Calculator.  But Delta updates include the full component that changed, not just the individual files; this leads to having Delta updates larger in size than their Express updates counterpart.  

Delta updates, available for Windows 10 1607 up to 1803, have stopped being shipped since February 12th, 2019 even though they were deprecated since build 1809 (September 2018) because Express updates have been made available for 3rd party update managers for a while before then. 

In the coming article, I will present what Microsoft calls the ‘Servicing Channels’: how Microsoft makes the updates available depending on the update frequency that organizations would like to apply on their individual devices.  

  1. One more “for the road”, Servicing Stack Update (SSU): This update provides fixes to the component that installs Windows updates. It improves the reliability of the update process to mitigate potential issues while installing the latest quality and feature updates. If the latest SSU isn’t installed, there’s a risk that a device can’t be updated with the latest Microsoft security fixes.  

In other words, you need to keep track of when an SSU is available and deploy it to all your devices before deploying a feature or a quality update. 

Karim Slaoui
Karim Slaoui
Senior Cloud Consultant