Thursday, December 10, 2020

Software Updates Classifications and Products

 

Classifications:

 

·       Critical Updates: Specifies a widely released fix for a specific problem that addresses a critical, non-security-related bug.

 

·       Definition Updates: Specifies a widely released and frequent software update that contains additions to a product's definition database.

 

·       Feature Packs: Specifies new product functionality that is first distributed outside of a product release and that's typically included in the next full product release.

 

·       Security Updates: Specifies a widely released fix for a product-specific, security-related vulnerability.

 

·       Service Packs: Specifies a tested, cumulative set of all hotfixes, security updates, critical updates, and updates that are applied to a product. Additionally, service packs may contain additional fixes for problems that are found internally since the release of the product.

 

·       Tools: Specifies a utility or feature that helps to complete one or more tasks.

 

·       Update Rollups: Specifies a tested, cumulative set of hotfixes, security updates, critical updates, and updates that are packaged together for easy deployment. An update rollup generally addresses a specific area, such as a security or product component.

 

·       Updates: Specifies a widely released fix for a specific problem. An update addresses a non-critical, non-security-related bug.

 

·       Upgrade: Specifies an upgrade for Windows 10 features and functionality. These updates are also known as feature updates for Windows 10 operating systems. Your software update points and sites must run a minimum of WSUS 6.2 with the hotfix 3095113 to get the Upgrade classification. For more information about installing this update and other updates for Upgrades, see Prerequisites for software updates.

 

Microsoft Surface drivers are not in any of the classifications, you must check the check-box at the bottom of the classifications tab because Microsoft can never stick to any one naming convention or standard.

 

Green = Definitely want to include these

Orange = Discuss within your organization whether to include these

Red = Generally don't want to do this

 

Products

 

For most products, just select what you actually have in your environment.  Use software inventories to determine whether or not the product exists.  If you are unsure what the product is, search for it on the Internet as it may actually be something that you have but are unaware of (such as CAPICOM).

 

For the long list of Windows 10 products select:

·         Windows 10 (covers all windows versions prior to 1903)

·         Windows 10 version 1903 and later

·         Windows 10 LTSB (only if you have LTSB in your environment)

 

Do not select:

·         Products that contain the word "Drivers". Drivers are not deployable from ConfigMgr (via Software Updates) so these WSUS product categories should not be chosen in ConfigMgr as nothing will show up for them anyway in ConfigMgr.

·         Products that contain "Dynamic Updates" or "GDR-DU" as these are for Windows Setup and thus only applicable during Windows installation and thus not deployable from ConfigMgr and will also not result in any updates showing in the ConfigMgr console.

·         Products that contain "Upgrade & Servicing Drivers" as These refer to drivers exclusively required during a dynamic update.

 

Microsoft Surface drivers are distributed as "Updates", not as "Drivers" because Microsoft can never stick to any one naming convention or standard. 

 

Language Packs and Windows 10 Features On Demand

 

Windows 10 Features On Demand refers to features you can add via the Control Panel under Programs or the App Settings under Apps & Features. Beginning with Windows 10 1709, you can’t use WSUS to host Features on Demand and language packs for Windows 10 clients. Instead, you need to download them directly from Windows Update. If you’re using SCCM or WSUS for your software update, you need to change a Group Policy setting that lets clients download these directly from Windows Update instead of your on-premise infrastructure. Without this group policy, all your installation tentative will fails with error 0x800f0954. This is because your client will check on your on-premise servers instead of Microsoft Update and won’t be able to find the feature.

 

Reference <https://docs.microsoft.com/en-us/mem/configmgr/sum/get-started/configure-classifications-and-products>
Reference <https://systemcenterdudes.com/deploy-sccm-feature-on-demand/>

Reference <https://4sysops.com/archives/selecting-products-in-wsus-for-windows-10/>

No comments:

Post a Comment