Microsoft plans to phase out older updates, promises speed and security gains

Windows[German]Microsoft is once again working on optimizing the cumulative updates for Windows 10, because their size is increasing rapidly. This costs speed during download and installation. Therefore, certain older updates are to run cyclically so that they are no longer included in cumulative updates. Microsoft is hoping for speed and security gains from this. Here is some information on the subject.


When the cumulative updates were introduced, this was considered the "philosopher's stone" for Microsoft. Only one update package, and everything is on board, missing updates can be installed by the cumulative components on a system. Administrators already pointed out at the introduction of these cumulative updates that this eliminates the possibility of hiding a faulty minor update – one can now only block the entire cumulative update in managed environments.

Over time, the other problems of cumulative updates became apparent. The update packages get fatter and fatter and the machines also take quite a long time to install. I had addressed this for Windows Server 2016, among others, in blog posts like Windows Server 2016: Slow updates. For Windows 11, Microsoft recently admitted in the blog post Windows 11: Microsoft optimizes the size of update packages that update size is now a problem for many users who don't have a broadband connection.

In managed enterprise environments, administrators may also have the problem that the update packages cached by WSUS or in other management environments on the servers for distribution to the clients take up a lot of disk space.

Expiring update planned

In the past, Microsoft has repeatedly optimized its updates. Now they want to get to grips with the problem of too large update packages via another mechanism. Christine Ahonen from Microsoft has already published the Techcommunity article Windows update expiration policy explained.

Ahonen writes that Microsoft creates two to three updates per month for each supported Windows platform. This inevitably leads to a backlog of updates and potentially increases the size of the update packages. However, many of these updates are cumulative and include all previous updates released for that platform. This means that when older packages expire, you will continue to receive the updates included in those packages as cumulative updates are installed.


This is where Microsoft wants to step in and allow older, but redundant, update packages to expire. By letting older, redundant packages expire, users should get better performance. The scan times for the update search are shortened. In addition, the risk should be reduced because older updates are replaced by the provision of newer, more secure updates.

Microsoft therefore regularly looks at update packages that have already been released and checks them for an "expiration date". Once a large enough number of candidates are found, an expiration date is set. Update packages that have reached the expiration date should then no longer be integrated into the cumulative updates.

Some updates do not expire

According to the FAQ published by Ahonen, there are some older updates that do not expire. This may be because some older packages have not yet been evaluated or do not meet the criteria for expiration. It is also possible that update packages have not yet expired because of dependencies on that particular update.

In addition, security-only update packages for Windows 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows Server 2012, Windows 7 SP1, Windows Server 2008 R2 and Windows Server 2008 SP2 do not expire because they are not cumulative and only contain fixes for one month. If a newer update package depends on an older package, the older package does not expire until it is replaced by a newer package.

On, when an update expires, the word "EXPIRED" is appended to the title of the article with the release notes for that particular update. Windows Server Update Services (WSUS), on the other hand, displays a banner at the top of the details pane when a particular update has expired.(via)

Similar articles
Windows 10: Cumulative Updates (LCUs) now integrates SSUs
Windows 10 Service Stack Update (SSU) internal explained
Windows 11: Microsoft optimizes the size of update packages
Windows 10: CBB ends, Upgrade install details/optimizations
Microsoft touts top-notch monthly Windows update efficiency
Windows Server 2016: Where to get Express-Updates for download?
Windows Server 2016: Express Updates shipping from 11/2018
Windows Server 2016: Slow updates

Cookies helps to fund this blog: Cookie settings

This entry was posted in Update, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *