How Windows 11 reduced the size of cumulative updates by 40%

Once a month, Microsoft releases a cumulative Windows update that includes all the previous ones. That is, to bring the system up to date, you need to install a single update.

Given the huge number of fixes in Windows, a cumulative update without optimization can grow dramatically in size, which is unacceptable. For example, users with slow Internet connections will not be able to download it, but only in the US there are 20%. Therefore, reducing the size of updates is a priority. Now there was a solution for her.

In short, each update used to include a forward delta of system changes, as well as a backward delta to bring the system to baseline RTM to set a new forward delta in a month. However, it turned out that the reverse delta can be calculated during the update installation process. Now Microsoft intends to patent this algorithm.

With the shift of employees to remote work, the large size of updates began to create problems for many companies. They don’t have a high-speed intranet. Employees connect to a corporate VPN and download updates over their home internet. For the rapid distribution of security patches, it is very important to minimize network traffic to ensure the protection of remote workers, wherever they are.

This article describes a new compression technology that has reduced the size of cumulative updates in Windows 11 by 40% (a similar system is implemented in Windows 10).

The developers were tasked with reducing the size of Windows 11 updates with the following conditions:

  • Reduce traffic size
  • Do not increase installation time
  • Maintain compatibility with all distribution channels without any configuration changes, that is, without unnecessary headaches for sysadmins

Windows 10 since version 1809 used simultaneously

forward and backward differential compression

, where the forward and backward differences (deltas) between the three versions of the system are taken into account: the current

$ V_N $

, target

$ V_R $

and basic source

$ V_0 $

So Windows reverts back to its baseline as an intermediate state, so forward and backward deltas were shipped with each update.

Although forward and backward deltas are symmetric in function, their contents are significantly different. This means that a bidirectional delta that contains both new and old data is not much smaller than old Patch Storage Files (PSF) in Windows 10 versions 1803 and older, where direct deltas were written for all possible combinations $ V_N $ and $ V_R $, that is, without using reverse deltas and intermediate base $ V_0 $

For example, if the October monthly update changed the file Notepad.exedeltas were generated for Notepad.exe changes from September to October, August to October, July to October, June to October, and the original RTM to October. Thus, the cumulative updates grew in size every month. Therefore, the developers were tasked with optimizing them.

Starting with Windows 10 1809, the mechanism was changed – and a reverse delta was introduced, due to which the size of cumulative updates always remained almost the same.


Delta Pairs in Windows Update. To create the target revision, a forward delta is applied to the base version of the file. Then a reverse delta is applied to the target revision to create an intermediate baseline for the next forward delta in a month.

Deltas create the target version by transforming and fixing the base version. In some cases, data is added, in others, it is deleted. Therefore, a bidirectional delta stores both added and removed content. Since the data in the forward and backward deltas do not overlap greatly, the bidirectional delta is not very efficient.

Microsoft developers have found a way to “fix” all transformations and corrections at the stage of applying delta – and efficiently transcode them from forward to backward delta (n → 0), which eliminates the need to propagate backward deltas in pairs.

Note… Microsoft writes that Provisional US Patent Application No. 63 / 160,284 describing this “Generate Data for Reverse Refresh” mechanism was filed March 12, 2021. Unfortunately, it was not possible to find the application on the website of the patent office.


Data generation for reverse update occurs in the process of applying a forward delta with instructions for inserting and deleting data

Architecturally advanced delta compression algorithms such as Microsoft’s MSDelta, when the address changes, the functions also change the virtual addresses in the assembler (virtual address mapping). This is important because even small fixes in the assembly code shift the addresses of subsequent functions in the binary program. Without remapping virtual addresses, changing the assembly code in one line can lead to the fact that you have to change virtual addresses for tens of thousands of calls.

Mapping is performed by byte-wise disassembly of the program code and identification of virtual addresses. Virtual addresses logically correspond to entry points for assembly code functions and are offset when assembly code is updated in a patch. The delta engine keeps track of these shifts – and they are captured in the mapping table. Mapping during delta application is one of the important reasons why modern architecturally advanced delta compression algorithms are so efficient.


Example how all instructions call in x86 assembler are shifted after adding just one instruction mov at address 0x18000097D3 (line 17)

As with normal data changes, address translations can be “committed” and reversed. This introduces a small overhead because the display is not always accurate. If the forward mapping conflicts with the reverse observable, then an additional fix instruction must be used for alignment. This can be done in-place, and then the reverse mapping will provide almost the same performance as the reverse delta with forward mapping from the delta generated on the server.

The ability to generate a reverse update provides an efficient way to propagate forward deltas with the ability to return the system to its original state. Microsoft

writes

that in Windows 11 this approach reduced the size of updates by 40%.

You can add that all Windows Update files are signed with a Microsoft digital signature with the appropriate digital certificate. Availability of the program

code signing certificate

guarantees a hassle-free installation on Windows because Windows Defender SmartScreen respects the publisher’s reputation and

does not display security warnings when installing a program with a certificate

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *