A taxonomy for Windows software binaries
To facilitate the assessment of software binaries on the Windows platform and help inform the process used to determine the optimal application delivery approach, a taxonomy has been captured in the following figure. It is important to note that the following figure is not necessarily a representation of how applications are installed on an OS or how they interact with each other. Each “layer” of the taxonomy is discussed under the subsequent sections.
OS binaries
OS binaries are the compiled binary code provided by Microsoft for the Windows OS. To remain secure, stable, and reliable, Microsoft releases OS patches to address issues in the OS.
OS updates are binaries released by Microsoft to patch stability or functionality issues present within the Windows OS. These can be provided by Microsoft as private fixes as an ad-hoc release or incorporated into monthly quality rollups.
Microsoft OS updates are generally packaged as an update package
in an .msu file. The contents of an .msu file are documented by
Microsoft in KB934307 (see
Description
of the Windows Update Standalone Installer in Windows
OS security updates
OS security updates are binaries released by Microsoft to patch security and reliability issues in the Windows OS. These are released on a frequent basis by Microsoft and can align to a regular monthly or ad-hoc release cadence, depending on the severity of the risk associated with the issue to be addressed.
OS feature updates
OS feature updates for Windows 10 are typically released twice a year by Microsoft as part of the Windows-as-a-Service (WAAS) service. For Windows 11, an annual cycle has been adopted for feature updates. These are large updates and frequently replace a large portion of the OS binaries with new files.
Runtimes
Runtimes are files required for the day-to-day operation of the OS and applications that reside upon it. They might be required to support applications (for example, software distribution, anti-virus) or other runtimes (for example, visual C++ DLLs, .Net framework, Java runtime environment, and so on).
Shared runtimes afford users an opportunity to save large amounts
of disk space on a Windows OS with many applications installed on
it that can benefit from a common runtime. However, where
applications are only compatible with a specific version of a
runtime, the updating of the shared runtime can result in the
application failing to launch or operate as expected. In these
instances, the Windows OS has natively adopted multiple approaches
to resolve this specific issue, and these are discussed in the
Microsoft Windows 10 Assessment and Deployment Kit (ADK) (see
Download:
Windows 10 Assessment and Deployment Kit (ADK)
Foundation applications
Foundation applications are not a native Windows concept, but are a useful concept to leverage within a managed Windows environment to group similar types of applications. Foundation applications are defined as applications that are included in a base OS image. They are typically used by everyone within an enterprise (for example, a web browser, anti-virus, software installation agent, and monitoring agent). They provide a baseline set of functionalities specific to the enterprise over and above that offered natively by the Windows OS, and must be installed to comply with an enterprise’s specific policies. These applications are separate and distinct from core applications, which are defined in the next section.
Helping to group common applications that provide management, security, baseline functionality, or application delivery capabilities to the enterprise’s base image is important. Understanding the baseline can be extremely useful for identifying and listing the applications required to be installed in all OS images if imaging has been employed.
Core applications
Core applications are defined as those applications that are used by a high percentage of users within a specific enterprise (for example, productivity suite, PDF viewer, file compression tool, and so on).
These applications may be installed on to the same set of machines that foundation applications are installed on. However, there are instances when this may not be preferable. For example, productivity suites are expensive to license on an ongoing basis. If a proportion of the userbase using Windows do not need these applications, then license costs can be reduced by separating the two sets of applications into Foundation and Core.
Middleware
Middleware is defined as computer software that connects software components or applications. Middleware sits "in the middle" between application software that may be working on different OS’. A common example is database middleware. For the purposes of application delivery, middleware is generally defined as a dependency of an application (for example, an application has a dependency on database middleware to be able to interact with a specific database server).
Applications
Applications are defined as computer software designed to help users perform a particular task. These include the binaries and settings needed for the operation of the application. Applications can have dependencies on other applications, middleware, runtimes, and the OS.
Applications can be considered the most frequently used unit when deploying application binaries. This is because applications are the most frequently-used units interacted with by end users and they are widely understood by both end users and the organization that helps to deliver them to the end users. In contrast, non-application dependencies of an application, such as runtimes and middleware, frequently remain unseen by end users as they have no need to directly interact with these.
Examples of applications include a productivity suite such as LibreOffice and complex graphical applications used for Computer Aided Design (CAD), but also include what might otherwise be considered a “plugin”, such as Microsoft Office Add-ins.
Web applications
Web applications are a sub-type of application accessed using a web browser, and are hosted on a server. Web applications can have a dependency on installed software in some cases, and therefore it is important that the OS running the web browser is able to satisfy these dependencies for a user to successfully use the web application. Such dependencies may be plug-ins, runtimes, and multimedia player software, and so on.