Update rollups for Windows

Systems missing Windows update rollups may have stability problems, security holes, and outdated functionalities. With Patch Manager Plus, you can deploy rollup updates which fix both security and non-security issues in a single update to ensure the systems are running at their best. Every month, three main rollups are published by Microsoft:

  • Security-only update
  • Monthly Rollup
  • Preview of Monthly Rollup
  • What are Rollup Updates?

    Rollup updates is a cumulative setup of hotfixes which contains security updates, critical updates that need to be deployed immediately. It's basically a set of updates packed together which can be deployed at once instead of downloading every update separately, thus saving you all the time. These Windows update rollups provide protection against cyberattacks and fix bugs, address errors and fix various issues. For example, let's say your systems might not be patched with an update rollup for a security issue which makes your network more vulnerable to exploits. Hence, it's recommended to deploy rollup updates as soon as possible to keep your endpoint systems secure, thus enhancing the environment.

    How to install rollup updates on Windows devices?

    You can prevent your enterprise from cyber attacks and various issues by following any one of the following installation methods:

    1. Manual installation of Rollup Updates
    2. Automatic installation of Rollup Updates

    How to manually update Rollups?

    Rollup updates can be installed manually in two ways:

    1. Standard installation
    2. Using a patch management tool

    Standard installation of Rollup Updates:

    You can manually download the Rollups from the Update History page of Microsoft by following the steps given below:

    • You'll first have to know which rollup update you've currently installed in your system. To find that, press the Win key + R and type winver. On clicking OK you'll be able to see the build number and version that has been installed.
    • The Updates History webpage of Microsoft lists down all the windows rollup updates of every release. You can download any updates from the catalog by clicking the link which is on the same page. For example, if you're looking forward to download an update rollup for Windows Server you can download WSUS update rollups from this Microsoft page.
    • After clicking on the link, you'll be provided with two options: 32-bit version and 64-bit version of the WSUS rollup updates. You can choose according to which version your system is running in.
    • Once you select the version, the WSUS rollup updates that you've selected gets downloaded.
    • You can save the downloaded file to your hard disc.
    • This is followed by installing the rollup update by just clicking on the .msi file.
    • Click on Yes whenever you're asked to and finally click on Restart Now to complete the installation of windows rollup updates.
    This is how you install a rollup update manually.

    Manual installation using Patch Management tool:

    Another way of manually installing rollup updates in a more organized way is by using a patching tool like Patch Manager Plus.
    Follow the steps given below to know how to install the latest update rollup using Patch Manager Plus:

    • Navigate to the Patch Manager Plus console and click on the Deployment tab -> Manual Deployment -> Click on Install/ Uninstall Patch and select the platform which you want to patch. Say you've selected Windows.
    • Give a suitable Name and Description.
    • Next, click on Add Patches.
    • Using the filter option, filter by Patch Type to add the Rollup updates which you want to install. For example, select the WSUS update rollups  and click on OK.
    • Configure the Scheduler Settings to WSUS update rollups after the specified date and time. (This is optional)
    • You can configure the Deployment Settings by choosing a Deployment Policy or creating your own policy by specifying how and when you want the deployment to WSUS update rollups.
    • The next step is to choose the target computers on which you want the rollup updates to be deployed to.
    • You also have options to retry this configuration on failed targets and to receive e-mail notifications of the deployment task.

To know about how to deploy the patches manually using Patch Manager Plus in detail, refer to this document.

Automatic installation of Rollup Updates:

With a patch management tool like Patch Manager Plus you can keep track of the Rollup Updates being released every now and then. It's tedious to update them frequently from the vendors' site and also consumes a lot of bandwidth. This patching tool has a feature called Automated Patch Deployment (APD) which has an option to update Rollups. If you've been thinking of how to install the latest update rollup, look no further.

Follow the steps given below to update the Rollups:

  • Navigate to the Patch Manager Plus console and go to Admin -> Deployment Settings -> Automate Patch Deployment.
  • Click on Automate Task and choose the platform as Windows.
  • Give a suitable name for the APD task that you're creating using the edit option.
  • The first stage of creating this task is Select Applications. Under Microsoft Updates, you'll find Updates & Severities. Click on Select Updates and Severities and click on the checkbox Rollups. After selecting this box, you can choose to do any one of the following three actions:
    1. Patch All Applications
    2. Patch Specific Applications (and select those applications)
    3. Patch All Applications Except (and select those applications)
  • The second stage of this APD task is to choose the deployment policy wherein you can select the existing deployment policy or create a new one. So here you can configure the frequency and the preferred day for deployment to happen.
  • The third stage is where you can specify the target computers on which you want the deployment of the windows rollup updates to happen.
  • The final stage is configuring notifications so that you'll be notified about the APD task. After providing your e-mail address and selecting the required options, click on Save.

So this is how you can automatically update the Rollups. To know about how to create an Automate Patch Deployment task in detail and how to install the latest update rollup, refer to this document.

FAQs

What are Windows update rollups?

Rollup updates a.k.a Windows update rollups are a well examined cumulative set of hotfixes, important updates, security updates, and updates that have all been packaged up for easy deployment.

How do you manually download WSUS update rollups from the Microsoft page?

  • You can download WSUS update rollups from the Microsoft page and after clicking on the link.
  • You'll be given with two options: 32-bit version and 62-bit version of the WSUS Rollup Updates.
  • You can choose according to which version your system is running in. Once you select the version, the WSUS update rollups that you've selected gets downloaded.
  • You can also manually install using patch management tool.

Where is the Automated Patch Deployment (APD) option available in Patch Manager Plus?

The Automate Patch Deployment option is available under Patch Management -> Deployment .Navigate to the Patch Manager Plus console and go to Admin -> Deployment Settings -> Automate Patch Deployment.

Where you can view all the windows rollup updates of every release?

The Updates History webpage of Microsoft lists down all the windows rollup updates of every release. You can download any updates from the catalog by clicking the link which is on the same page.

What is the difference between Monthly Rollups and Security-only updates?

Security-only updates are product specific that includes all the security updates whereas, Monthly Rollups are cumulative set of updates which addresses both security and non-security issues.

What is the difference between update rollups and updates?

An update generally addresses non-critical and non-security related issues whereas, an update rollup targets a specific area, such as security and Internet Information Services (IIS).