Every month we and the rest of the world talk about Microsoft's monthly security patches. Less famous are the other updates Microsoft releases, usually twice a month, and mostly for the current versions of Windows.
Microsoft has long posted notice of their non-security updates in this Knowledge Base article (KB894199). Starting this month, Microsoft has added the security updates, and now it is a complete list of updates sent out through Windows Server Update Services (WSUS). For July, in addition to the six security updates, Microsoft released 33 non-security updates, six metadata changes to previously-released updates (all variations on the same update to the .NET Framework), and a new version of the Malicious Software Removal Tool.
Here are some of the more interesting non-security updates this month:
It's not well-known, but there's a second Patch Tuesday every month: On the fourth Tuesday, Microsoft usually releases more non-security updates. While there is no formal advance notification, as there is with security updates, Microsoft tends to post updates in KB894199 a few days in advance of their availability. At these times, the list includes a KB article number for each updates, but there is not yet a live KB page for it.
Once the update is available, Microsoft brings the KB page online and puts a link to it in the entry in KB894199. But the descriptions and even the KB full KB articles for the updates are often so vague as to be useless.
Let's consider Compatibility update for upgrading Windows 7 (KB2952664), released on Tuesday. The description, in its entirety, is "This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows." The sentence lends itself to many plausible definitions; my guess is that it assists an upgrade install to Windows 8 or other later version.
That update is the exception to the general rule that non-security updates target the latest versions of Windows and Windows Server. Of Tuesday's 33 non-security updates, four were for Windows 7, six for Windows 8, five for Windows RT 8.1 and 25 for Windows 8.1. Three are for Windows Server 2008 R2, five for Windows Server 2012 and six for Windows Server 2012 R2.
One interesting phenomenon accounting for a large number of recent non-security updates to Windows 8 and 8.1 is the update of Windows Modern UI (Metro) apps for systems which, through Group Policy, are configured not to have access to the Windows Store, where most users get these updates.
When they come through WSUS or some other patch manager, the administrator can decide whether to deploy them. Consider "July 2014 Bing Sports app update for WSUS for Windows 8.1 (KB2962189)". Most of the updates only to Windows 8.1 are of this type. There was a similar set of updates to Windows 8 on June 24. Exactly what is new in these new versions of the apps is left unsaid.
Even if you're as enamored of technical minutia as I, most of what you'll find in these updates is boring, largely because Microsoft provides too little information to make it interesting. But every now and then something interesting shows up. That's why I check KB894199 all the time.