A year ago, on October Patch Tuesday, Microsoft upended its customers' monthly security routine when it aligned all supported operating systems to a cumulative updates model -- and admins finally have begun to find their footing.

In the old format, administrators could prioritize Microsoft's critical updates and deploy those as soon as possible. However, this "Swiss cheese" approach -- a term used by Windows Server principal program manager Jeff Woolsey at the company's Ignite 2017 conference -- meant admins could pick and choose which vulnerabilities to address. The end result was some systems did not get updates they needed.

Microsoft expanded the cumulative updates model beyond Windows 10 in October 2016 to limit administrators to an all-or-nothing choice. Rather than select which patches to deploy first, the rollup model makes admins determine which systems get patching priority.

"Things have stabilized, and Microsoft has probably achieved their goal at this point of simplifying the process," said Todd Schell, product manager at Ivanti, an IT security company in South Jordan, Utah. "With these cumulative updates, you don't have to worry about testing all these individual updates."

While the blanket approach of the Microsoft cumulative updates model secures systems against all vulnerabilities, admins need a larger test environment and must spend more time to vet every update before deployment.

"Definitely, I think there's frustration," Schell said. "This is only one of their jobs for a lot of these people, so the time being tied up adds to the frustration factor."

Most businesses have adapted to the Microsoft cumulative updates model, which has led to a faster update deployment rate, Schell said. And, as a result, Windows systems are more secure than a year ago, Woolsey reported at Ignite.

"You can't miss one patch now and say, 'Whoops, we only deployed 10 of the 11 patches,'" said Jimmy Graham, director of product management for Qualys Inc., based in Redwood City, Calif. "It's a lot easier to get more updates deployed."