Our original two updates that we were focusing on were KB3050265 and KB3102810 (see our previous post). In simple terms KB3050265 has been superseded by KB3102810 however its never quite that straight forward. Microsoft updates are a huge spider web of interlinks patches all with multiple dependencies. The below diagram shows the two we were focusing on (in green) and how they fit in around other updates that they are directly related to.
So all of the updates listed are modifying system files that are directly related to the Windows Update process. The greyed out updates all have further updates which have superseded them however I ran out of whiteboard by that point so they weren’t documented. At some point I’ll re-visit that avenue to check there isn’t anything else that we’ve missed.
Where it gets confusing is that it isn’t as straight forward as one patch being superseded by another: So for example KB3112343 is listed as superseding both of the original two updates we were looking at (KB3050265 and KB 3102810), however as I’ve mentioned at the top the second of these also supersedes the first, so mapping out all of the paths through rapidly becomes rather complex and time-consuming. What looks like a relatively simple diagram above takes quite a while to originally map out! Remember this is just looking at two particular updates out of a much larger number that get applied monthly to our machines.
The interesting bit (for me at least), is the update in orange. This is listed as superseding KB3112343, KB3102810 and KB3050265 however has only recently been released. Microsoft are not classifying it as a critical or security update and by their own admittance the documentation they’ve written on it has not yet been fully reviewed. At the moment we are not pushing this new update out, however we’ve setup the server so that we’re ready to should we need to. It will be one for us to keep any eye on over the coming months in case it gets re-categorised to a higher priority.