Microsoft has the following categories of updates:

  1. Critical Update
  2. Security Update
  3. Definition Update
  4. Update Rollup
  5. Service Pack
  6. Tool
  7. Feature Pack
  8. Update


Critical Update – an update that fixes a specific, non-security-related, critical bug. Such a bug can cause, for example, serious performance degradation, interoperability malfunction, or application compatibility problems.

Security Update – an update that fixes a security vulnerability. Security updates have their own severity, defined by the Microsoft Security Response Center (MSRC). There are 5 levels of security update severity defined by MSRC:

  1. Critical - The update fixes a vulnerability whose exploitation could allow for the propagation of an Internet worm without user action.
  2. Important - The update fixes a vulnerability whose exploitation could result in the compromise of the confidentiality, integrity, or availability of users' data, or of the integrity or availability of processing resources.
  3. Low - The update fixes a vulnerability whose exploitation is extremely difficult, or whose impact is minimal.
  4. Moderate - The update fixes a vulnerability whose exploitation is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.
  5. Unspecified - The update does not have a severity rating.

Every security update also has an Exploitation Index, which is not presented to the user in Windows Update.

Windows Update

Windows Update displays simplified categories to end users, who usually don't need to know the severity rating or the exact type of an update:

Important - includes all Security Updates regardless of MSRC severity, Critical Updates, Definition Updates, Update Rollups and Service Packs

Optional/Recommended - includes Feature Packs and standard Updates.
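
To see the exact type and MSRC severity behind the simplified view, the following added example (not part of the original page) queries the Windows Update Agent COM API for pending updates and prints both side by side. The helper name `Get-SimplifiedGroup` is hypothetical, the mapping is the one described above, and the plural classification names are an assumption about how the agent labels them.

```powershell
# Added example: list pending updates with exact classification, MSRC severity,
# and the simplified group described on this page.
# Assumption: the agent reports classifications with these plural names.
$importantClasses = 'Security Updates', 'Critical Updates', 'Definition Updates',
                    'Update Rollups', 'Service Packs'
$optionalClasses  = 'Feature Packs', 'Updates'

function Get-SimplifiedGroup {
    param([string]$Classification)
    if ($importantClasses -contains $Classification) { return 'Important' }
    if ($optionalClasses  -contains $Classification) { return 'Optional/Recommended' }
    return 'Not mapped on this page'   # e.g. Tools, or a missing classification
}

$session  = New-Object -ComObject Microsoft.Update.Session
$searcher = $session.CreateUpdateSearcher()
$searcher.Online = $false   # use the locally cached scan results, no network call

# Updates that are not yet installed and not hidden by the user.
$result = $searcher.Search('IsInstalled=0 and IsHidden=0')

$report = foreach ($update in $result.Updates) {
    # An update carries several categories (product, classification, ...);
    # only the one of type 'UpdateClassification' is the update type.
    $class = $update.Categories |
        Where-Object { $_.Type -eq 'UpdateClassification' } |
        Select-Object -First 1 -ExpandProperty Name

    # MsrcSeverity is empty when the update has no rating ("Unspecified").
    $severity = if ($update.MsrcSeverity) { $update.MsrcSeverity } else { 'Unspecified' }

    [pscustomobject]@{
        Group          = Get-SimplifiedGroup $class
        Classification = $class
        MsrcSeverity   = $severity
        Title          = $update.Title
    }
}

$report | Sort-Object Group, MsrcSeverity, Title | Format-Table -AutoSize -Wrap
```

Sorting by `Group` and then `MsrcSeverity` makes it easy to see which updates under "Important" are actually rated Critical by MSRC and which have no severity rating at all.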

To match the exact types of updates to the simplified categories that Windows Update shows in Control Panel, you can use the table below:
