One of Server Core's touted benefits is it requires less security updates. Jeff Jones did some interesting research a little while ago in which he compared a theoretical Windows Server 2003 Server Core edition to a Windows Server 2003 installation in terms of security updates. In the accompanying blogpost he concluded:
[…] looking at the Windows Server Security Bulletins over the past two years, 40% of them would not have applied to a theoretical Server Core build. The results of the analysis are encouraging in terms of security progress. Full report
In this post I'll look at the updates required for various flavors and derivates of Windows Server 2008 and the implications in terms of (planned) downtime between these flavors.