mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-19 04:13:41 +00:00
metadata, formatting, and wording tweaks
This commit is contained in:
Meghan Stewart
@ -2,20 +2,23 @@
|
||||
title: Windows Updates using forward and reverse differentials
|
||||
description: A technique to produce compact software updates optimized for any origin and destination revision pair
|
||||
ms.prod: windows-client
|
||||
ms.technology: itpro-updates
|
||||
ms.topic: reference
|
||||
author: mestew
|
||||
ms.localizationpriority: medium
|
||||
ms.author: mstewart
|
||||
manager: aaroncz
|
||||
ms.topic: article
|
||||
ms.technology: itpro-updates
|
||||
ms.date: 12/31/2017
|
||||
ms.localizationpriority: medium
|
||||
appliesto:
|
||||
- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
|
||||
- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
|
||||
ms.date: 08/21/2021
|
||||
---
|
||||
|
||||
# Windows Updates using forward and reverse differentials
|
||||
|
||||
Windows 10 monthly quality updates are cumulative, containing all previously
|
||||
Windows monthly quality updates are cumulative, containing all previously
|
||||
released fixes to ensure consistency and simplicity. For an operating system
|
||||
platform like Windows 10, which stays in support for multiple years, the size of
|
||||
platform like Windows, which stays in support for multiple years, the size of
|
||||
monthly quality updates can quickly grow large, thus directly impacting network
|
||||
bandwidth consumption.
|
||||
|
||||
@ -23,8 +26,8 @@ Today, this problem is addressed by using express downloads, where differential
|
||||
downloads for every changed file in the update are generated based on selected
|
||||
historical revisions plus the base version. In this paper, we introduce a new
|
||||
technique to build compact software update packages that are applicable to any
|
||||
revision of the base version, and then describe how Windows 10 quality updates
|
||||
uses this technique.
|
||||
revision of the base version, and then describe how Windows quality updates
|
||||
use this technique.
|
||||
|
||||
## General Terms
|
||||
|
||||
@ -65,45 +68,44 @@ numerous advantages:
|
||||
- Efficient to install
|
||||
- Redistributable
|
||||
|
||||
Historically, download sizes of Windows 10 quality updates (Windows 10, version 1803 and older supported versions of Windows 10) are optimized by using express download. Express download is optimized such that updating Windows 10 systems will download the minimum number of bytes. This is achieved by generating differentials for every updated file based on selected historical base revisions of the same file + its base or RTM version.
|
||||
Historically, download sizes of Windows quality updates (Windows 10, version 1803 and older supported versions of Windows 10) were optimized by using express download. Express download is optimized such that updating Windows systems download the minimum number of bytes. This is achieved by generating differentials for every updated file based on selected historical base revisions of the same file + its base or RTM version.
|
||||
|
||||
For example, if the October monthly quality update has updated Notepad.exe, differentials for Notepad.exe file changes from September to October, August to October, July to October, June to October, and from the original feature release to October are generated. All these differentials are stored in a Patch Storage File (PSF, also referred to as “express download files”) and hosted or cached on Windows Update or other update management or distribution servers (for example, Windows Server Update Services (WSUS), Microsoft Configuration Manager, or a non-Microsoft update management or distribution server that supports express updates). A device leveraging express updates uses network protocol to determine optimal differentials, then downloads only what is needed from the update distribution endpoints.
|
||||
For example, if the October monthly quality update has updated Notepad.exe, differentials for Notepad.exe file changes from September to October, August to October, July to October, June to October, and from the original feature release to October are generated. All these differentials are stored in a Patch Storage File (PSF, also referred to as express download files) and hosted or cached on Windows Update or other update management or distribution servers (for example, Windows Server Update Services (WSUS), Microsoft Configuration Manager, or a non-Microsoft update management or distribution server that supports express updates). A device applying express updates uses network protocol to determine optimal differentials, then downloads only what is needed from the update distribution endpoints.
|
||||
|
||||
The flip side of express download is that the size of PSF files can be very large depending on the number of historical baselines against which differentials were calculated. Downloading and caching large PSF files to on-premises or remote update distribution servers is problematic for most organizations, hence they are unable to leverage express updates to keep their fleet of devices running Windows 10 up to date. Secondly, due to the complexity of generating differentials and size of the express files that need to be cached on update distribution servers, it is only feasible to generate express download files for the most common baselines, thus express updates are only applicable to selected baselines. Finally, calculation of optimal differentials is expensive in terms of system memory utilization, especially for low-cost systems, impacting their ability to download and apply an update seamlessly.
|
||||
The flip side of express download is that the size of PSF files can be large depending on the number of historical baselines against which differentials were calculated. Downloading and caching large PSF files to on-premises or remote update distribution servers is problematic for most organizations, hence they're unable to use express updates to keep their fleet of devices running Windows up to date. Secondly, due to the complexity of generating differentials and size of the express files that need to be cached on update distribution servers, it's only feasible to generate express download files for the most common baselines, thus express updates are only applicable to selected baselines. Finally, calculation of optimal differentials is expensive in terms of system memory utilization, especially for low-cost systems, impacting their ability to download and apply an update seamlessly.
|
||||
|
||||
In the following sections, we describe how Windows 10 quality updates will leverage this technique based on forward and reverse differentials for newer releases of Windows 10 and Windows Server to overcome the challenges with express downloads.
|
||||
In the following sections, we describe how quality updates use this technique based on forward and reverse differentials for newer releases of Windows and Windows Server to overcome the challenges with express downloads.
|
||||
|
||||
## High-level Design
|
||||
|
||||
### Update packaging
|
||||
|
||||
Windows 10 quality update packages will contain forward differentials from quality update RTM baselines (∆RTM→N) and reverse differentials back to RTM (∆N→RTM) for each file that has changed since RTM. By using the RTM version as the baseline, we ensure that all devices will have an identical payload. Update package metadata, content manifests, and forward and reverse differentials will be packaged into a cabinet file (.cab). This .cab file, and the applicability logic, will also be wrapped in Microsoft Standalone Update (.msu) format.
|
||||
Windows quality update packages contain forward differentials from quality update RTM baselines (∆RTM→N) and reverse differentials back to RTM (∆N→RTM) for each file that has changed since RTM. By using the RTM version as the baseline, we ensure that all devices have an identical payload. Update package metadata, content manifests, and forward and reverse differentials are packaged into a cabinet file (.cab). This .cab file, and the applicability logic, will also be wrapped in Microsoft Standalone Update (.msu) format.
|
||||
|
||||
There can be cases where new files are added to the system during servicing. These files will not have RTM baselines, thus forward and reverse differentials cannot be used. In these scenarios, null differentials will be used to handle servicing. Null differentials are the slightly compressed and optimized version of the full binaries. Update packages can have either forward or reverse differentials, or null differential of any given binary in them. The following image symbolizes the content of a Windows 10 quality update installer:
|
||||
There can be cases where new files are added to the system during servicing. These files won't have RTM baselines, thus forward and reverse differentials can't be used. In these scenarios, null differentials are used to handle servicing. Null differentials are the slightly compressed and optimized version of the full binaries. Update packages can have either forward or reverse differentials, or null differential of any given binary in them. The following image symbolizes the content of a Windows quality update installer:
|
||||
|
||||
|
||||
|
||||
### Hydration and installation
|
||||
|
||||
Once the usual applicability checks are performed on the update package and are determined to be applicable, the Windows component servicing infrastructure will hydrate the full files during pre-installation and then proceed with the usual installation process.
|
||||
Once the usual applicability checks are performed on the update package and are determined to be applicable, the Windows component servicing infrastructure hydrates the full files during preinstallation and then proceeds with the usual installation process.
|
||||
|
||||
Below is a high-level sequence of activities that the component servicing infrastructure will run in a transaction to complete installation of the update:
|
||||
Below is a high-level sequence of activities that the component servicing infrastructure runs in a transaction to complete installation of the update:
|
||||
|
||||
- Identify all files that are required to install the update.
|
||||
- Hydrate each of necessary files using current version (V<sub>N</sub>) of the file, reverse differential (V<sub>N</sub>--->RTM) of the file back to quality update RTM/base version and forward differential (V<sub>RTM</sub>--->R) from feature update RTM/base version to the target version. Also, use null differential hydration to hydrate null compressed files.
|
||||
- Stage the hydrated files (full file), forward differentials (under ‘f’ folder) and reverse differentials (under ‘r’ folder) or null compressed files (under ‘n’ folder) in the component store (%windir%\\WinSxS folder).
|
||||
- Stage the hydrated files (full file), forward differentials (under `f` folder) and reverse differentials (under `r` folder) or null compressed files (under `n` folder) in the component store (%windir%\\WinSxS folder).
|
||||
- Resolve any dependencies and install components.
|
||||
- Clean up older state (V<sub>N-1</sub>); the previous state V<sub>N</sub> is retained for uninstallation and restoration or repair.
|
||||
|
||||
### **Resilient Hydration**
|
||||
|
||||
To ensure resiliency against component store corruption or missing files that could occur due to susceptibility of certain types of hardware to file system corruption, a corruption repair service has been traditionally used to recover the component store automatically (“automatic corruption repair”) or on demand (“manual corruption repair”) using an online or local repair source. This service will continue to offer the ability to repair and recover content for
|
||||
hydration and successfully install an update, if needed.
|
||||
To ensure resiliency against component store corruption or missing files that could occur due to susceptibility of certain types of hardware to file system corruption, a corruption repair service has been traditionally used to recover the component store automatically (automatic corruption repair) or on demand (manual corruption repair) using an online or local repair source. This service will continue to offer the ability to repair and recover content for hydration and successfully install an update, if needed.
|
||||
|
||||
When corruption is detected during update operations, automatic corruption repair will start as usual and use the Baseless Patch Storage File published to Windows Update for each update to fix corrupted manifests, binary differentials, or hydrated or full files. Baseless patch storage files will contain reverse and forward differentials and full files for each updated component. Integrity of the repair files will be hash verified.
|
||||
When corruption is detected during update operations, automatic corruption repair starts as usual and uses the Baseless Patch Storage File published to Windows Update for each update to fix corrupted manifests, binary differentials, or hydrated or full files. Baseless patch storage files contain reverse and forward differentials and full files for each updated component. Integrity of the repair files will be hash verified.
|
||||
|
||||
Corruption repair will use the component manifest to detect missing files and get hashes for corruption detection. During update installation, new registry flags for each differential staged on the machine will be set. When automatic corruption repair runs, it will scan hydrated files using the manifest and differential files using the flags. If the differential cannot be found or verified, it will be added to the list of corruptions to repair.
|
||||
Corruption repair uses the component manifest to detect missing files and get hashes for corruption detection. During update installation, new registry flags for each differential staged on the machine are set. When automatic corruption repair runs, it scans hydrated files using the manifest and differential files using the flags. If the differential can't be found or verified, it's added to the list of corruptions to repair.
|
||||
|
||||
### Lazy automatic corruption repair
|
||||
|
||||
“Lazy automatic corruption repair” runs during update operations to detect corrupted binaries and differentials. While applying an update, if hydration of any file fails, "lazy" automatic corruption repair automatically starts, identifies the corrupted binary or differential file, and then adds it to the corruption list. Later, the update operation continues as far as it can go, so that "lazy" automatic corruption repair can collect as many corrupted files to fix as possible. At the end of the hydration section, the update fails, and automatic corruption repair starts. Automatic corruption repair runs as usual and at the end of its operation, adds the corruption list generated by "lazy" automatic corruption repair on top of the new list to repair. Automatic corruption repair then repairs the files on the corruption list and installation of the update will succeed on the next attempt.
|
||||
"Lazy automatic corruption repair" runs during update operations to detect corrupted binaries and differentials. While applying an update, if hydration of any file fails, "lazy" automatic corruption repair automatically starts, identifies the corrupted binary or differential file, and then adds it to the corruption list. Later, the update operation continues as far as it can go, so that "lazy" automatic corruption repair can collect as many corrupted files to fix as possible. At the end of the hydration section, the update fails, and automatic corruption repair starts. Automatic corruption repair runs as usual and at the end of its operation, adds the corruption list generated by "lazy" automatic corruption repair on top of the new list to repair. Automatic corruption repair then repairs the files on the corruption list and installation of the update will succeed on the next attempt.
|
||||
|
||||
@ -1,19 +1,21 @@
|
||||
---
|
||||
title: Update release cycle for Windows clients
|
||||
description: Learn about the release cycle of updates for Windows clients to stay productive and protected.
|
||||
description: Learn about the release cycle for updates so Windows clients in your organization stay productive and protected.
|
||||
ms.prod: windows-client
|
||||
ms.technology: itpro-updates
|
||||
ms.topic: conceptual
|
||||
author: mestew
|
||||
ms.localizationpriority: medium
|
||||
ms.author: mstewart
|
||||
manager: aaroncz
|
||||
ms.topic: article
|
||||
ms.technology: itpro-updates
|
||||
ms.localizationpriority: medium
|
||||
appliesto:
|
||||
- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
|
||||
- ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
|
||||
ms.date: 05/19/2023
|
||||
---
|
||||
|
||||
# Update release cycle for Windows clients
|
||||
<!--7696511-->
|
||||
***(Applies to: Windows 11 & Windows 10)***
|
||||
|
||||
Windows updates help you to stay productive and protected. They provide your users and IT administrators with the security fixes they need, and protect devices so that unpatched vulnerabilities can't be exploited. Updates for the Windows client OS are typically cumulative. They include all previously released fixes to guard against fragmentation of the operating system. Reliability and vulnerability issues can occur when only a subset of fixes is installed.
|
||||
|
||||
@ -23,11 +25,11 @@ This article provides details on the types of updates that Microsoft provides, a
|
||||
|
||||
|Release type | Description | Release cycle |
|
||||
|---|---|---|
|
||||
| [Monthly security update release](#monthly-security-update-release)| A cumulative update release that includes both security and non-security content | Second Tuesday of each month, typically published at 10:00 AM Pacific Time (PST/PDT) |
|
||||
| [Optional non-security preview release](#optional-non-security-preview-release)| An optional cumulative update release that's typically used for early validation of the monthly security update release| Fourth Tuesday of each month, typically published at 10:00 AM Pacific Time (PST/PDT) |
|
||||
| [Monthly security update release](#monthly-security-update-release)| A cumulative update release that includes both security and nonsecurity content | Second Tuesday of each month, typically published at 10:00 AM Pacific Time (PST/PDT) |
|
||||
| [Optional nonsecurity preview release](#optional-non-security-preview-release)| An optional cumulative update release that's typically used for early validation of the monthly security update release| Fourth Tuesday of each month, typically published at 10:00 AM Pacific Time (PST/PDT) |
|
||||
| [Out-of-band (OOB) release](#oob-releases) | Resolves a recently identified issue or vulnerability | As needed |
|
||||
| [Annual feature update](#annual-feature-updates) | An update with new features and enhancements that also changes the Windows version | Once a year in the second half of the calendar year |
|
||||
| [Continuous innovation for Windows 11](#continuous-innovation-for-windows-11)| Introduces new features and enhancements for Windows 11 | Periodically included in an optional non-security preview release then in the monthly security update releases |
|
||||
| [Continuous innovation for Windows 11](#continuous-innovation-for-windows-11)| Introduces new features and enhancements for Windows 11 | Periodically included in an optional nonsecurity preview release then in the monthly security update releases |
|
||||
|
||||
|
||||
## Monthly security update release
|
||||
@ -42,7 +44,7 @@ Most people are familiar with the **monthly security update release**. The **mon
|
||||
- Latest cumulative update (LCU)
|
||||
|
||||
|
||||
**Monthly security update releases** are cumulative. The release includes both new and previously released security fixes, along with non-security content introduced in the prior month's [**Optional non-security preview release**](#optional-non-security-preview-release). These updates help keep Windows devices secure and compliant by deploying stability fixes and addressing security vulnerabilities. Most organizations consider monthly security update releases as mandatory.
|
||||
**Monthly security update releases** are cumulative. The release includes both new and previously released security fixes, along with nonsecurity content introduced in the prior month's [**Optional non-security preview release**](#optional-non-security-preview-release). These updates help keep Windows devices secure and compliant by deploying stability fixes and addressing security vulnerabilities. Most organizations consider monthly security update releases as mandatory.
|
||||
|
||||
Monthly security update releases are available through the following channels:
|
||||
|
||||
@ -52,9 +54,9 @@ Monthly security update releases are available through the following channels:
|
||||
|
||||
Many update management tools, such as [Microsoft Configuration Manager](/mem/configmgr/) and [Microsoft Intune](/mem/intune/), rely on these channels for update deployment.
|
||||
|
||||
## Optional non-security preview release
|
||||
## Optional nonsecurity preview release
|
||||
|
||||
**Optional non-security preview releases** provide IT admins an opportunity for early validation of that content prior to the **monthly security update release**. Admins can test and validate production-quality releases ahead of the planned monthly security update release for the following month. These updates are optional, cumulative, non-security preview releases. New features might initially be deployed in the prior month's **optional non-security preview release**, then ship in the following **monthly security update release**. These releases are only offered to the most recent, supported versions of Windows.
|
||||
**Optional non-security preview releases** provide IT admins an opportunity for early validation of that content prior to the **monthly security update release**. Admins can test and validate production-quality releases ahead of the planned monthly security update release for the following month. These updates are optional, cumulative, nonsecurity preview releases. New features might initially be deployed in the prior month's **optional non-security preview release**, then ship in the following **monthly security update release**. These releases are only offered to the most recent, supported versions of Windows.
|
||||
|
||||
**Optional non-security preview releases** might commonly be referred to as:
|
||||
|
||||
@ -66,7 +68,7 @@ Many update management tools, such as [Microsoft Configuration Manager](/mem/con
|
||||
> [!Important]
|
||||
> Starting in April 2023, all **optional non-security preview releases** will be released on the fourth Tuesday of the month. This change in release cadence gives admins a consistent time cycle for testing and validating fixes and features.
|
||||
|
||||
To access the optional non-security preview release:
|
||||
To access the optional nonsecurity preview release:
|
||||
- Navigate to **Settings** > **Update & Security** > **Windows Update** and select **Check for updates**.
|
||||
- Use [Windows Insider Program for Business](https://insider.windows.com/for-business)
|
||||
- Use the [Microsoft Update Catalog](https://www.catalog.update.microsoft.com/Home.aspx).
|
||||
@ -78,12 +80,12 @@ To access the optional non-security preview release:
|
||||
Some key considerations about OOB releases include:
|
||||
|
||||
- OOB releases are always cumulative.
|
||||
- OOB releases supersede any prior monthly security update and optional non-security preview release.
|
||||
- OOB releases supersede any prior monthly security update and optional nonsecurity preview release.
|
||||
- OOB releases generally require IT admins to deploy off-cycle.
|
||||
- Some OOB releases are classified as critical.
|
||||
- Critical OOB releases are automatically available to WSUS and Windows Update for Business, just like the monthly security update releases.
|
||||
- Some OOB releases are classified as non-critical.
|
||||
- Non-critical releases only go to the Microsoft Update Catalog for users or organizations to voluntarily obtain the update.
|
||||
- Some OOB releases are classified as noncritical.
|
||||
- Noncritical releases only go to the Microsoft Update Catalog for users or organizations to voluntarily obtain the update.
|
||||
|
||||
## Continuous innovation for Windows 11
|
||||
|
||||
|
||||
Reference in New Issue
Block a user