BSA: What changes can I expect to see in BSA Windows Patching after the Oct 2016 Microsoft Rollup changes?

Version 1
    Share:|

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BladeLogic Server Automation Suite


    COMPONENT:

    BladeLogic Server Automation


    APPLIES TO:

    All BSA versions - Note this document only applies to Microsoft Bulletins between October 2016 and April 11th, 2017



    QUESTION:

     What changes can I expect to see in BMC BladeLogic Server Automation (BSA) Windows Patching after the Oct 2016 Microsoft Rollup changes described in the following link?

    https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/

     


    ANSWER:

     

     

      

    Note the content below only applies to Windows Patches/Bulletins from October 2016, to April 11, 2017.  All newer patches follow the naming convention described in:

      

    KA 00134334 BSA: What changes can I expect to see in BSA Windows Patching after Microsoft stops publishing bulletins

      

    BMC has confirmation from Shavlik that they will be making the necessary changes from their end and BSA functionality will not be impacted.  However the bundling may require you to change the way you select and group patches within BSA.

    The new Rollups affect Server 2008 R2 and above. 
    Server 2008 non-R2 will continue the have MSYY-XXXX bulletins  (Where YY is the last two digits of the publishing year. 

    Effective 10/01/2016, Server 2008 R2 and above receive rollups, although some non OS patches like Office products or some .Net Framework or some IE Patches will still get traditional MSYY-XXX style bulletins. 

    Monthly Security Bulletin rollups will be named as SBYY-XXX bulletins. These will have just the security bulletins for the month they are released. Note the XXX portion will NOT equal the month, For example . 

      
    SB16-002(Q3197867): November 2016 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1  SB16-003(Q3197876): November 2016 Security Only Quality Update for Windows Server 2012  SB16-004(Q3197873): November 2016 Security Only Quality Update for Windows 8.1, and Windows Server 2012 R2 
      

    CRYY-XXX bulletins are similar to the SB bulletins but they are   cumulative roll-ups of   ALL OS patches, security and non-security since October 2016. These bundles will potentially be very large..  

    Note: At present, it is not possible to selectively install component patches from a roll-up, they are all or nothing. Microsoft has stated they will produce a public API to allow selective updates or at least smaller differential packages that would download only needed changes, but this is not currently available as of Jan 2017. This would likely only be necessary for CR bulletins. 

    A good way to keep up is to monitor Shavlik's Patch Tuesday Blog at:   http://www.shavlik.com/patch-tuesday/  

    Below is the community link from Shavlik which talks about the changes in naming conventions from Shavlik : 
    https://community.shavlik.com/docs/DOC-24299  

    Effective in March Microsoft had stated that they would stop creating Bulletins and would track individual hotfixes through their new portal page https://portal.msrc.microsoft.com/en-us/security-guidance

      

    However it looks like they did create bulletins for March.

      

    Note: Because the Shavlik tool is bulletin based they will continue to generate synthetic bulletins for patches that Microsoft does not publish a bulletin for.  This behavior has not changed.

      

     

     


    Article Number:

    000121166


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles