Avatar of JosephEstrada
JosephEstrada
Flag for Canada asked on

Service Packs vs windows updates and patches

We are undergoing a Security Audit of our internal computer systems by an external 3rd party auditor.
We just rolled out new Windows 10 PCs to 75% of our staff and everything is working great.
We use Ivanti for patch management and all PCs are fully patched with all Windows updates and application security patches.
My question is:
What benefit , security wise, is there in ensuring that Service Packs are all completely up to date?
i.e. Does Windows 10 Service Pack 1909 contain more security patches or benefits if all individual Windows updates and security patches are already up to date?
I'd rather not install the Service Pack since all is working fine.

Thanks!
Windows 10Windows OSPCSecurity

Avatar of undefined
Last Comment
JosephEstrada

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Lee W, MVP

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Cliff Galiher

Just to add to what Lee said, whether 1909 adds security depends on the build you are in.  It is definitely more secure than, say, 1607 which no longer gets security updates at all. So being up to date on 1607 is still out of date overall.

But it doesn't have much in the way of security over an up-to-date build of 1903.

And to stress they aren't service packs. They are full fledged sub-versions.
JosephEstrada

ASKER
Thanks Folks!
Very helpful.
Ivanti Patch for Servers recommends installing the Windows 1909 version and further describes it as a Security Patch.
Misleading.
Cheers!
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23