Link to home
Start Free TrialLog in
Avatar of JosephEstrada
JosephEstradaFlag for Canada

asked on

Service Packs vs windows updates and patches

We are undergoing a Security Audit of our internal computer systems by an external 3rd party auditor.
We just rolled out new Windows 10 PCs to 75% of our staff and everything is working great.
We use Ivanti for patch management and all PCs are fully patched with all Windows updates and application security patches.
My question is:
What benefit , security wise, is there in ensuring that Service Packs are all completely up to date?
i.e. Does Windows 10 Service Pack 1909 contain more security patches or benefits if all individual Windows updates and security patches are already up to date?
I'd rather not install the Service Pack since all is working fine.

Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Just to add to what Lee said, whether 1909 adds security depends on the build you are in.  It is definitely more secure than, say, 1607 which no longer gets security updates at all. So being up to date on 1607 is still out of date overall.

But it doesn't have much in the way of security over an up-to-date build of 1903.

And to stress they aren't service packs. They are full fledged sub-versions.
Avatar of JosephEstrada


Thanks Folks!
Very helpful.
Ivanti Patch for Servers recommends installing the Windows 1909 version and further describes it as a Security Patch.