[Update: People asked why the official guidance on SharePoint Team Blog and CAPES Blog are different from my post - The official guidance is to keep the consistency with the patching methods in the past. At the meantime we are also working hard internally to provide crisp clear official guidance in the future, so stay tuned. ]
There’re always lots of questions around SharePoint patching. How to patch SharePoint? Which patch should I use to get a certain build number? In which order should I apply those patches? What is CU? What is SP? What is the difference between them?… All these questions are hard to answer – because to understand the answers, you have to understand the patching process of SharePoint.
Let’s go through different scenarios of SharePoint patching. Hopefully this can explain the mystery. I will start with the easy one and then the complex one.
Apply a security/feature fix on SharePoint Server Farm
This is the most simple scenario in SharePoint patching. Download the patch, apply it to every SharePoint Server in the farm and run PSConfig on all of them. That’s it.
Wait, is this really that simple?
The answer is no. Because there will be quite a few questions here:
Wdsrv-x-none.msp Not Applicable 44,946,432 17-Mar-2011 22:59
Use my table above to look up the component, you will find WDSRV does not belong to Office Web Apps, but SharePoint Server 2010. It is the Word Server (Word Automation) component. Someone mistakenly labeled it Office Web Apps hotfix. So, if you tries to apply this update to a SharePoint Foundation + Office Web Apps installation, it will never work – because this WDSRV component does not exist. If you applied any SharePoint Server update that has a higher version number than this patch, it will not be able to be applied either since the fix is already included.
Is this helpful? Let’s go on to the second scenario: Cumulative updates.
Apply Cumulative Updates/Service Packs on SharePoint Server Farm
CU packages are released in a bi-monthly manner. We want to make it more predictable so customer can plan their patching window, and save time by package everything together. CU does not have the same testing quality with Service Packs in theory, and the release schedule is always a little bit funny. Most of the CUs are scheduled to be released at the end of that month (subject to change), for example Apr CU was released on Apr 26th. If a last minute regression comes in at that time, then the release will be delayed, and you may already noticed Feb CU was released in March 3rd, to ensure the quality.
I used to post CU release information on SharePoint Team Blog. Now Stefan Goßner’s blog is my favorite to catch up with all the information. For example his Apr CU post is quite clear on the packages: http://blogs.technet.com/b/stefan_gossner/archive/2011/04/27/april-2011-cu-for-sharepoint-2007-and-2010-has-been-released-today.aspx
You can see he listed all the full server packages. Please remember, unless necessary, please only use these server packages to apply CU update. Internally we call them “Uber” updates, which includes all language packs and all components. If you are not using these packages, you may be missing some component updates. How to tell that? Using the table above to compare with the file information tables in KB article, and you will find all of the components are covered, with all MUI packages. Individual fixes do not have all of them.
Service Packs are different. Traditionally the service pack downloads does not give you an all-in-one package like the Uber updates do. Language packs are not there in the main package, you need to download and apply them separately.
Now here are the questions:
All the above is just to identify which update should be installed. The best “how to patch” article is still the one on TechNet: http://technet.microsoft.com/en-us/library/ff806338.aspx and it covered how to monitor patching, how to reduce downtime, etc.
Really good article, this should be on MS site somewhere...it is a shame they don't publish this to make it easier for us to figure out.
why did you changed your mind about Foundation?
This is to make sure I'm not giving different guidance than the official ones. My view in this post is purely from technical perspective - while the official guidance needs to consider more of the consistency with the past. Two years ago with the help of SharePoint Customer Advisory Team (CAT) we created the guidance of applying cumulative updates for 2007. At that time, WSS CU is not a part of MOSS CU. So I published the guidance to instruct people to install WSS CU first, then MOSS CU. In fact the order does not really matter, but the purpose of the guidance was to reduce issues and simplify repo steps. Now for 2010, SharePoint Foundation files are included in SharePoint Server installation files, service packs and uber CU server packages (you can double check this with my table 1). Technically what I temporarily crossed out from the post is correct but I agree to some point, the old guidance still serve its purpose - reducing issues and simplifing repo steps.
I just found that the update (MS11-074: Description of the security update for SharePoint Server 2010 (wosrv): September 13, 2011) cannot be updated. the link is below : support.microsoft.com/.../2566960
My environment is :
windows server 2008 sp2 x64
sharepoint server 2010 x64
office web app x64
Jie Li this article is a wonderful contribution to the working community. I'm always hungry for deep dives and the tools that will help me to be more decisive in my SharePoint environment. This article does the job for patching SP2010. THANK YOU!
Really good article, thank you.
Do you know exactly what the svrproof packages are? I know they must be to do with Languages but nothing more.
Can't microsoft make this much, much easier by developing a "patching program" which reads all the obscure (and sometimes incorrect!) files and "just works?"
oh wait, then consultants would not have jobs.