WSUS is dead - does that change anything?
-
The summary for [Windows Server Update Services (WSUS) deprecation - Windows IT Pro Blog](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-server-update-services-wsus-deprecation/ba-p/4250436) reads: > WSUS remains operational but is no longer investing in new features. As far as I'm concerned, this doesn't change anything. And frankly, MS could have made this announcement 10 years ago, it wouldn't have made any difference either. WSUS today looks and feels and performs exactly the same as it did 10 years ago. It hasn't improved. It hasn't gotten any worse either. It's a known quantity. The role will still be in Windows Server 2025, and the blog entry points out "we are preserving current functionality and will continue to publish updates through the WSUS channel". In other words, if you have WSUS today, it'll continue working. Since the role is still in Server 2025, I'm betting they're still going to be publishing updates through that mechanism at least until Server 2025 itself goes out of extended support (in 2035). If there's anything to worry about, it's whether the next version of Server after that includes the role or not. Until then? This is a non-event, IMO. But the resulting discussion somehow degenerated into how MS is trying to get everyone to manage their patching through Azure, and that some related features on Azure in the past have (already) been deprecated, and the end goal is to get people to subscribe to some service costing $5/server/month. People are freaking out about that and coming up with all sorts of scenarios like it's a big conspiracy, but in the end none of that is a WSUS issue. MS can start charging for Azure services all it wants, WSUS isn't going away. Besides, people have already built viable alternatives. Today you could script pretty much everything WSUS does, within a few hours. You commit to cloud provider services, you're giving up control, then you're at their mercy, and then they can start charging you for those services. But this announcement doesn't say, or even suggest, WSUS is gonna get broken soon and people won't have a choice but to move to Azure. Of course MS would love that. But the blog entry makes it clear WSUS isn't going away. So Azure is, and remains, a different problem. Those Azure complaints are completely valid, but they belong in another discussion altogether. If you're using WSUS today, does this announcement worry you?
-
The summary for [Windows Server Update Services (WSUS) deprecation - Windows IT Pro Blog](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-server-update-services-wsus-deprecation/ba-p/4250436) reads: > WSUS remains operational but is no longer investing in new features. As far as I'm concerned, this doesn't change anything. And frankly, MS could have made this announcement 10 years ago, it wouldn't have made any difference either. WSUS today looks and feels and performs exactly the same as it did 10 years ago. It hasn't improved. It hasn't gotten any worse either. It's a known quantity. The role will still be in Windows Server 2025, and the blog entry points out "we are preserving current functionality and will continue to publish updates through the WSUS channel". In other words, if you have WSUS today, it'll continue working. Since the role is still in Server 2025, I'm betting they're still going to be publishing updates through that mechanism at least until Server 2025 itself goes out of extended support (in 2035). If there's anything to worry about, it's whether the next version of Server after that includes the role or not. Until then? This is a non-event, IMO. But the resulting discussion somehow degenerated into how MS is trying to get everyone to manage their patching through Azure, and that some related features on Azure in the past have (already) been deprecated, and the end goal is to get people to subscribe to some service costing $5/server/month. People are freaking out about that and coming up with all sorts of scenarios like it's a big conspiracy, but in the end none of that is a WSUS issue. MS can start charging for Azure services all it wants, WSUS isn't going away. Besides, people have already built viable alternatives. Today you could script pretty much everything WSUS does, within a few hours. You commit to cloud provider services, you're giving up control, then you're at their mercy, and then they can start charging you for those services. But this announcement doesn't say, or even suggest, WSUS is gonna get broken soon and people won't have a choice but to move to Azure. Of course MS would love that. But the blog entry makes it clear WSUS isn't going away. So Azure is, and remains, a different problem. Those Azure complaints are completely valid, but they belong in another discussion altogether. If you're using WSUS today, does this announcement worry you?
This is yet another example of Microsoft's desire to move everything from on-premise to cloud. WSUS has always had huge problems with database fragmentation, to the point that I wrote a PS script combined with a SQL Server database defragmentation script I pulled off a Technet blog over a decade ago to keep my WSUS servers healthy and responsive.
-
This is yet another example of Microsoft's desire to move everything from on-premise to cloud. WSUS has always had huge problems with database fragmentation, to the point that I wrote a PS script combined with a SQL Server database defragmentation script I pulled off a Technet blog over a decade ago to keep my WSUS servers healthy and responsive.
For sure WSUS has always had its own set of problems, but as mentioned, by now it's a known quantity, in terms of what to expect and what to do about it. I've come across scripts myself that do the sort of thing you brought up, and wrote a few more of my own. If those are such big problems for people that they'd rather rely on MS to keep evolving patch management, then that's why these on-going services are pay-for. But people can't claim any of this came without their own warnings.