Blog Post

Windows IT Pro Blog
6 MIN READ

Getting to know the Windows update history pages

Christine Ahonen's avatar
Christine Ahonen
Icon for Microsoft rankMicrosoft
Feb 22, 2019
At Microsoft, our vision for transparency is what drives us to create extensive documentation for every audience. We believe our documentation should reflect the needs of our customers and range from...
Updated Feb 22, 2019
Version 3.0
servicing and updates
MasterMysterious's avatar
MasterMysterious
Copper Contributor
Feb 23, 2019

So, you are listening? Actively? Well, here is something I originally wanted to publish in my blog. I eventually decided that my audience has no interest in reading it; they already believe in every word of it. Microsoft, however, can definitely take advantage of it.

The crazy update-related terminology

Microsoft has a whole weird set of standard update terminology that defy common sense.

  • A "security update" is a "fix for a product-specific, security-related vulnerability". But, a "security-only update" is "an update that collects all the new security updates for a given month and for a given product"! So, if it called "security update", it fixes one issue; if it is called "security-only update", it fixes several issues.
  • An "update" in Microsoft terminology is what a sane person would call a "non-security update". A "monthly rollup" is a collection of those (non-security) "updates".

Their Windows as a Service (WaaS) page introduces a couple more non-standard ones.

  • A "feature update" contains a full installation image for a new version of Windows 10. Microsoft says "these will add new features to Windows 10, delivered in bite-sized chunks compared to the previous practice of Windows releases every 3-5 years." But we all know that half of this claim is untrue. The size of a feature update is exactly the same as the size of a full Windows OS. There is nothing bite-sized about feature updates. They are massive, at least 4 GB in size.
  • A "quality update" delivers both security and non-security fixes. It appears the terms "update" and "quality update" have switched definitions. Until Windows 10 v1809, these updates were also as massive as 1 GB in size, surpassing the size of the biggest service pack the Microsoft had ever released. Starting with Windows 10 v1809, they are almost 1/10th in size.

But Microsoft recurrently violates said guideline with even crazier inventions. For example:

  • The KB4480970 package is distributed under the title of "2019-01 Security and Quality Rollup for .NET Framework […]". It's Microsoft Support article has a similar title. So, here Microsoft has used the word "Quality" to indicate this package has non-security fixes too. They cannot call it "2019-01 Monthly Rollup for .NET Framework" because, per their crazy standard terminology, a "monthly rollup" does not contain security fixes. But per WaaS terminology, "Quality" is enough here and "Security" is redundant.
  • The KB4480970 package is distributed under the title of "2019-01 Security Monthly Quality Rollup for Windows […]". "Security Monthly Quality" is awfully non-English. So, what does it mean? Did they intend to mean something similar to the above, i.e. "2019-01 Monthly Security and Quality Rollup for Windows"? The associated Microsoft Support article seems to suggest otherwise: It is titled "January 8, 2019—KB4480970 (Monthly Rollup)" indicating that this update is strictly non-security and the words "Security" and "Quality" are misleading and erroneous.
  • The KB4480960 package is distributed under the title of "2019-01 Security Only Quality Update for Windows […]". It is as non-English as the former, but which word is redundant this time? The associated Microsoft Support article is titled "January 8, 2019—KB4480960 (Security-only update)", indicating that this time, only the word "Quality" is redundant.

Let's review what we saw above: In one case, the words "Security" was redundant. In another, both were typographic errors. In the last, only the "Quality" term was put there in error. So, basically, Microsoft has trapped itself in such a tangle of non-English terms that it cannot possibly use them according to its own definitions.

Now, let's look at a noble form of violation: The KB4480965 package is distributed under the title of "2019-01 Cumulative security update for Internet Explorer". (Please notice the natural English capitalization too!) Under Microsoft's official but crazy guideline, it must have been called "2019-01 Security-Only Update for Internet Explorer". (Yes, I checked, "security-only updates" are cumulative.) But do I complain? No. This is an example of what Microsoft must have done.

I might publish it as a part of a blog post in the future though.