An article on Windows patching included the startling headline that Microsoft is restricting security patches for IE 11 on Windows 7.
What particularly caught my eye was the report that Win7 users would not be receiving the June Internet Explorer patch in Windows Update.
Much ado about Internet Explorer updating
A June 16 InfoWorld headline proclaimed, “Microsoft strips some Windows 7 users of IE 11 patch privileges.” The patch in question was KB 2957689, the June cumulative IE update that fixed (as I noted in the June 12 Patch Watch) a whopping 59 vulnerabilities.
The InfoWorld story caught my attention mostly because I distinctly remember seeing KB 2957689 offered in my Windows 7 machines. And though it’s true that the June IE 11 for Win7 patch requires you to have an April IE cumulative update installed, that doesn’t mean Microsoft is suddenly changing the rules and making it difficult for Win7 users to update IE 11.
According to MS Support article 2957689, “All future security and nonsecurity updates for Internet Explorer 11 require you to have update 2919355 [Win8.1 Update] or update 2929437 [Win7 SP1] installed in order to receive updates.”
Here’s why that’s not a cause for concern.
Microsoft is currently maintaining many different patching branches. That’s hard to do, and it’s mostly Microsoft’s own fault. Back in April, Microsoft released two versions of MS14-018, April’s IE security update. That seemed a bit odd at the time. KB 2936068 was just the security update; KB 2929437 included the security fixes plus Enterprise Mode and an update to IE WebGL renderer. You could actually install both without a problem, as I did on my home machine.