fbpx

#Security

Microsoft to whip enterprises with Windows 10 patch stick to keep them in line

By  | 

In a partner-only presentation in April Helen Harmetz, Senior Product Manager at Microsoft, confirmed that the company will be adopting a rather strict stance as far as Windows 10 updates for enterprise customers go and that it will provide them with two options to keep their systems up-to-date.

Current Branch for Business (CBB) and Long-Term Service Branch (LTSB) are the two options that enterprise customers can chose from. Under the Current Branch for Business (CBB), which seems to be the options that Microsoft prefers, customers will have eight months to deploy a build tagged by Microsoft as business ready. If enterprises fail to apply the patch, the company will cutoff any future patches.

LTSB on the other hand is more like the traditional Windows 7 SP1 upgrade experience wherein in all the updated bits will be supplied in each LTSB so businesses can even choose to skip an update.

In case an enterprise has opted for CBB and fails to consume the updates in the allotted time, they won’t be able to consume or see the next available update, and the only option left for them will be to switch to LTSB and perform an in-place upgrade instead.

“Customers who are embracing Current Branch for Business do need to consume that feature update within the allotted time period of approximately eight months or they will not be able to see and consume the next security update. So there is a consumption that has to happen here,” Harmetz said in the webinar first obtained by WindowsIT Pro.

Redmond doesn’t want companies opting for LTSB or in other words, Microsoft wants companies to consider putting only some of their devices on the LTSB and that too in niche scenarios or mission critical systems.

According to Harmetz, the path for enterprise builds will be as follows: first the company will build and OS update after which it will go for internal validation followed by limited and broad external testing. Once satisfied, the update will be marked as the Current Branch (consumers). For about four months, the consumers will be testing it out on their live networks and once Microsoft considers the update as stable enough after fixing customer issues, it will declare the update as ready for business. Once its declared business ready, the updates can be deployed using CBB or LTSB.

“If customers are using their infrastructure to deploy feature updates, they actually have a total of eight months to validate and deploy that feature set after it’s been declared business ready,” said Harmetz.

But if companies fail to apply a CBB within the maximum of eight months, the devices in question will no longer receive security patches and bug fixes. And this is the idea that would send chills down the spine of network and security administrators as no one likes the idea of running unpatched devices in live networks – and hence Microsoft hopes that the Windows 10 patch stick will keep enterprises in line.