Microsoft has following categories of updates:
- Critical Update
- Security Update
- Definition Update
- Update Rollup
- Service Pack
- Feature Pack
Critical Update – is an update which fixes specific, non-security related, critical bug. That bug can cause for example serious performance degradation, interoperability malfunction or disturb application compatibility.
Security Updates – is an update which fixes security vulnerability. Security updates have their own severity defined by Microsoft Security Response Center. There are 5 levels of the security update severity defined by MSRC:
- Critical - The update fixes a vulnerability whose exploitation could allow for the propagation of an Internet worm without user action.
- Important - The update fixes a vulnerability whose exploitation could result in the compromise of the confidentiality, integrity, or availability of users' data, or of the integrity or availability of processing resources.
- Low - The update fixes a vulnerability whose exploitation is extremely difficult, or whose impact is minimal.
- Moderate - The update fixes a vulnerability whose exploitation is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
- Unspecified - The update does not have a severity rating.
Every security update has also Exploitation Index which is not presented to the user in Windows Update. https://technet.microsoft.com/en-us/security/cc998259
Windows Update will display simplified categories to the end user as usually they don’t need to know about severity ratings or exact type of update:
Important - include all Security Updated regardless of MCRS severity, Critical Updates, Definition Updates, Update Rollup and Service Pack
Optional/Recommended - include Feature Pack and standard Updates.
If we want to match exact types of updates to simplified version used by Windows Update in control panel you can use below table:
Click here for more info, https://blogs.technet.microsoft.com/dubaisec/2016/01/28/windows-update-categories/