News

SCCM 2007 Users Hit Snag with New Windows Update Model

Organizations using System Center Configuration Manager (SCCM) 2007 may feel some headaches over Microsoft's new update service model for Windows 7 and Windows 8.1 clients.

SCCM 2007 users face carrying out manual steps to temporarily resolve issues should a monthly cumulative Windows update cause problems. Those limitations were described on Friday in this Microsoft blog post.

Microsoft kicked off the new update model for all supported Windows operating systems on Oct. 11. Under this model, Microsoft releases monthly cumulative updates for Windows clients and server operating systems. That change in policy put Windows 7/8.1 users on the same cumulative update treadmill as faced by Windows 10 users. Organizations now get a "security-only quality update" and a "security monthly quality update" each month on "patch Tuesday," or the second Tuesday of the month, for Windows operating systems.

In the past, application compatibility issues that had occurred after Windows updates were installed might be resolved by rescinding a single patch. With the new model, though, that's not possible. The whole cumulative update has to be rescinded.

Organizations facing application compatibility issues after a Windows update can opt to install the security-only quality update. That's one strategy to stay patched against security issues until a solution for a problem is found. However, users of SCCM 2007 specifically lack this flexibility. Essentially, the security-only quality update shows up as "superseded" for those users because SCCM 2007 lacks patch supersedence customization capabilities. The presence of the security monthly quality update causes the security-only update to be seen as unnecessary, or superseded.

The workaround for SCCM 2007 users is to get the security-only update from the Microsoft Update Catalog. Next, they then have to manually install the security-only update using the command-line standalone installer tool (Wusa.exe).

Users of new client management solutions, such as System Center Configuration Manger 2012, do have the ability to customize supersedence rules. Consequently, they can delay the supersedence of Windows updates. Doing so will let them opt to use the security-only update, if wanted, without supersedence taking place, Microsoft's announcement explained.

Despite the limitation, SCCM 2007 currently is a supported product, which means that Microsoft continues to send security and nonsecurity patches for it. SCCM 2007 will lose support on July 9, 2019, according to Microsoft's lifecycle support description.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.