Ask Slashdot: How Will You Handle Microsoft's New 'Cumulative' Windows Updates?

Microsoft's announced they'll discontinue "individual patches" for Windows 7 and 8.1 (as well as Windows Server 2008 R2, 2012, and 2012 R2). Instead they'll have monthly "cumulative" rollups of each month's patches, and while there will be a separate "security-only" bundle each month, "individual patches will no longer be available." This has one anonymous Slashdot reader asking what's the alternative: We've read about the changes coming to Windows Update in October 2016... But what happens when it's time to wipe and reload the OS? Or what about installing Windows on different hardware? Admittedly, there are useful non-security updates worth having, but plenty to avoid (e.g. telemetry).

How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?

Re:Disable, then VM or Mac

[vux984]

Its like you've never heard of backups. FFS, your wifes photography business sounds like it runs on one windows 7 computer.

A windows update that toasts your 'photo editing environment' is less likely than a variety of hardware failures. I'm sure, since you are clearly so conscientious about the reliability and accessibility of this environment, that you have a proper backup solution in place.

So.. in the unlikely event of an update fiasco... roll back, and carry on...

For a large enterprises, where it actually makes sense to lab test an update before rolling it out this doesn't work... but for 'your wifes photography business' I can't really figure out what you are trying to accomplish.

And EVEN the enterprise guys can still lab test before letting the cumulative update through to production... and hold it up if there is an issue. (Although its less clear how they resolve a problem.) But that is a whole other situation.

Hotfixes were always cumulative.

Microsoft hotfixes were never "individual" in the first place.

There are two servicing branches for Windows. GDR and LDR. GDR is what used to go out on Windows Update. LDR is for changes that are considered more risky, and is a superset which also contains GDR changes. All changes are cumulative, per binary. Once you install an LDR fix, that binary stays on LDR branch until a service pack is applied.

At service pack time, GDR and LDR branches are merged.

There's no such thing as an "individual" Microsoft patch. All binaries are patched cumulatively; the only question is what cumulative version you have installed for a given binary.

All that's changed is that they don't want to actually document bugs that are fixed in the hotfixes in detail, and they want to force everyone to more or less the same patch level, because 90% of the time, customers having problems are running old bits that aren't being tested by Microsoft any more. There's an ongoing religious argument over "patch to the latest" vs "don't touch it to keep it stable". But in truth, if you hit a new, unfixed bug, and Microsoft created a new hotfix for you, or even if you just install the latest security update, you were always forced to accept all the cumulative changes between the patchlevel you were at, and the new hotfix you are installing. It's just that at the moment the heavy handed "force em to patch" faction has the upper hand at Microsoft now.

Re: Linux.

My quibble is that there are many who want to run Windows but say they need to run Windows, when they very likely don't.

A good rule of thumb is that if you have to run Windows because of old mission-critical software then it is probably easier to get it going under Wine than on Windows 10.
Microsoft used to keep new versions compatible, but not so much anymore.
They have broken the compatibility so much that pretty much all old games sold on gog.com is wrapped with dosbox, even those that worked fine on XP.