Overview

We have seen numerous changes to how Microsoft content was being organized through 2016 and 2017, the two main changes being the following:

1. On October 2016, Microsoft moved to a security bundle and monthly patch rollup model for Windows 7 and newer, supplying a single KB each respective branch.

2. On April 2017, Microsoft abandoned the Security Bulletin model that had been used for nearly 20 years.

The Ivanti Content team has worked hard to accommodate these changes, while attempting to preserve the previous bulletin organization. This allowed our customers to navigate these drastic changes with confidence, ensuring the updates released each month were properly accounted for. It has been a year since the last major change to Microsoft’s patching model.In response to this, the Ivanti Content team is normalizing our content to be more consistent each month. The more readable bulletin model is preserved, with the Microsoft KB appended to the end.

The new Security Bulletin mappings our products will be using: MS[YY]-[MM]-[PP]-[KB]

• MS = Microsoft
• YY = Year
• MM = Month Released
• PP =  Product
• Followed by the KB number

Here are some examples:

• MS18-03-OFF-3114416
  • All Office patches
• MS18-03-IE-4089187
  • All IE patches
• MS18-03-AFP-4088785
  • All Microsoft released Flash patches
• MS18-03-W10-4088776
  • All Windows 10 patches, rollups and Deltas
• MS18-03-SO7-4088878
  • Security Only Update for Windows 7 and Server 2008 R2
• MS18-03-SO8-4088880
  • Security Only Update for Server 2012
• MS18-03-SO81-4088879
  • Security Only Update for Windows 8.1 and Server 2012 R2
• MS18-03-MR7-4088875
  • Monthly Rollup for Windows 7 and Server 2008 R2 (this is the rollup that includes non-security fixes)
• MS18-03-MR8-4088877
  • Monthly Rollup for Server 2012 (this is the rollup that includes non-security fixes)
• MS18-03-MR81-4088876
  • Monthly Rollup for Windows 8.1 and Server 2012 R2 (this is the rollup that includes non-security fixes)

  .NET Patches will follow a slightly different naming scheme:

• MS[YY]-[MM]-[TT][PP]-[KB]
  • YY = Year
  • MM = Month
  • TT = Type (Security Only or Monthly Rollup)
  • PP = Product (.NET)
  • KB = Parent KB
• MS17-12-SONET-1234567 MS17-12-MRNET-1234567
  • Security only patches associated with that parent KB
  • Security patch type
  • Monthly Rollup associated with that parent KB
  • Non-Security patch type

Non-security .NET Patches also have a slightly different naming scheme:

• MSNS[YY]-[MM]-[TT][PP]-[KB]
  • YY = Year
  • MM = Month
  • TT = Type (Quality Preview or Quality Rollup)
  • PP = Product (.NET)
  • KB = Parent KB
• MSNS17-12-QPNET-1234567 MSNS17-12-QRNET-1234567
  • Quality Preview patches associated with that parent KB
  • Non-Security patch type
  • Quality Rollup associated with that parent KB
  • Non-Security patch type

Additional Information

Additional Naming Conventions

• QP = Quality Preview
• NS = Non-Security

Microsoft released the following article for FAQ on the changes made: Security Updates Guide dashboard and API:

Q: Why is the security bulletin ID number (e.g. MS16-XXX) not included in the new Security Update Guide?

A: The way Microsoft documents security updates is changing. The previous model used security bulletin webpages and included security bulletin ID numbers (e.g. MS16-XXX) as a pivot point. This form of security update documentation, including bulletin ID numbers, is being retired and replaced with the Security Update Guide. Instead of bulletin IDs, the new guide pivots on vulnerability ID numbers and KB Article ID numbers.

Affected Products

Shavlik Protect

Ivanti Patch for Windows Servers

Ivanti Patch for SCCM

   1374 Views    Categories:    Tags:  landesk management suite 2016.x, patch tuesday, next gen naming