Windows 10 cumulative updates and branches have a critical relationship. Failing to understand the branch lifecycle can create risk for any patch management program. Much of this article will be a rehash of previous articles I’ve written on Windows 10 branch upgrade management, but it is so important to understand this relationship that I’m going to cover this topic again with an angle on the impact to cumulative updates.
Windows 10 Branch Lifecycle
From the time that a new branch is released, there is a minimum lifecycle of 18 months broken down in the following phases:
- General Availability (GA) with Current Branch
- Current Branch for Business declared at least 4 months after GA
- Grace period begins at least 16 months after GA and lasts for 60 days
- Once grace period is complete, new cumulative updates are not released for that branch
Let me repeat that last point: once a branch has finished the grace period, there will be no more patches. Here’s a visualization of this lifecycle:
An update for every branch
As mentioned in my Windows 10 Cumulative Updates Overview, there are distinct update packages for each branch. To date, there is one for 1507, 1511, and 1607. Each package only installs on that specific branch – this is how support will likely be curtailed for older branches.
As to the size, cumulative updates are generally smaller for newer branches as fixes are rolled into the branch upgrade.
Current Branch for Business
This milestone signifies that a branch is at a higher level of quality and begins with Microsoft declaring a cumulative update that distinguishes a branch to be Current Branch for Business. Only branch 1511 has gone through the Current Branch for Business declaration event. In that case, Current Branch for Business was simply a combination of the GA 1511 release and the March 2016 cumulative update meaning ongoing updates gives the same level of stability to Current Branch systems as those who waited and applied the Current Branch for Business upgrade.
Based on various articles and conversations with Microsoft, we believe the Grace Period for the oldest branch (latest branch – 2) will begin when the latest branch reaches Current Branch for Business. There is a lot of potential variability here as the declaration of Current Branch for Business for 1511 occurred in early April 2016, but didn’t reach Windows Update until late May.
End of Support
Once the Grace Period is complete, there are no more patches for that branch. With the exception of the Long-Term Servicing Branch version of Windows 10, this means systems will need to be upgraded as frequently as 18 months.
Deconstructing a Branch Lifecycle
To date, no branch (including the original 1507) has gone through the entire lifecycle that Microsoft has outlined. Here is a table outlining the three Windows 10 branches to date and their lifecycle milestones with some estimated dates for future milestones.
|Current Branch Availability||July 29, 2015||November 12, 2015||August 2, 2016|
|Current Branch for Business||July 29, 2015||April 8, 2016||December 2016*|
|Grace Period Begins||December 2016*||Unknown||Unknown|
|Grace Period Ends||February 2017*||Unknown||Unknown|
* Estimated dates
Upgrade your branches or…
With this new continuous update model, businesses must have a plan to continuously update to newer versions of branches to be able to apply the latest security fixes. As I discussed in earlier articles, there is a whole strategy to this (see Windows 10 Branch Upgrade Strategy). If upgrading systems is an issue one option is to consider using Windows 10 Long-Term Servicing Branch (LTSB) which will have a patch support lifecycle of 10 years.
Here are the points to remember from this article:
- Cumulative updates are specific to branch versions.
- Branches have a lifecycle as short as 18 months.
- If you can’t keep up with branch upgrades, consider Windows 10 LTSB version.