Windows 10; How to stop constant updates

Dear All
Please could you advise the best way to pospone or even reject constant updates for Windows 10.

Why would you want to? Just let them install when you shutdown, and you are more secured against virus’s etc.

Disable Windows Update?

http://www.pcadvisor.co.uk/how-to/windows/how-disable-automatic-updates-in-windows-10-3632159/%5B/url%5D

Funny innit, MS have been providing these operating systems for over 20 years now and they still can’t release one without it needing “vulnerability” patches every bloody month. Keeps some of us in work I suppose.

All OS’s need vulnerability patching.

All OS’s need vulnerability patching.

I reckon it’ll be domestic appliances next:

“In 2017 Russian hackers assembled the world’s biggest botnet by hacking a range of domestic appliances, heating controllers and light bulbs”

DezB – Member 
Funny innit, MS have been providing these operating systems for over 20 years now and they still can’t release one without it needing “vulnerability” patches every bloody month. Keeps some of us in work I suppose.

Take a look at any daily Linux update and you’ll often see many vulnerability patches.

Windows updates are pretty reliable now, however because of the change in Windows 10 to no longer technically releasing new operating system versions, combined with a more open and frequent development cycle, they are pushing out feature updates on a more frequent basis. That means in the last year you’ve had major updates like the November update (1511) and the Anniversary Update (1607). These are essentially like SP1 and SP2 or even Win 10.1 / 10.2, as they make substantial changes.

Personally I think they are vast improvements and everyone should welcome them as Win 10 on release was still very much beta quality.

As a developer I also welcome the push to keep everyone on the latest version where possible. Biggest headache over the last 20 years of doing Windows development is supporting luddites.

p.s. How many of you use Chrome? Do you bother about the fact it updates itself frequently? You probably never even notice (except as a developer and you realise a web site doesn’t work any more then find out they’ve deprecated a feature and your version of Chrome was updated without you knowing 😉 )

Vulnerabilities are found by MS employees to stop hackers, right? So how come the hackers very rarely find vulnerabilities that the MS people haven’t found yet (but may do in a few months)? Or are the hackers and MS working together? Or do they wait for hacks, then fix whatever’s been hacked?
Why not just make the built in firewalls better?

Vulnerabilities are way more than just down to firewalls. Many of the big hacks recently have been nothing to do with Windows.

In fact Windows 10 comes in at 19th in the top 50 vulnerabilities this year https://www.cvedetails.com/top-50-products.php?year=2016

How long has it been doing it?

It won’t do it constantly, it just does loads when you first get it to get it up to scratch. There was a very big one recently (anniversary update) which new PCs won’t have had.

So how come the hackers very rarely find vulnerabilities that the MS people haven’t found yet

They do. There’s a whole community about finding these things for the goodies and figuring out when the baddies have found them and attempt to use them.

Why not just make the built in firewalls better?

Firewall only stops network connections. Some attacks use open (un-firewalled) ports to exploit network services, and the firewall can protect against those. But it doesn’t stop a virus, trojan or other malware. Lots of different kinds.

Hack in progress here (2.2m of 5.5m passwords stolen so far)

https://boingboing.net/2016/09/27/social-media-site-targeted-at.html

again, not a windows vulnerability as such, more a configuration/design one.

PS don’t disable Windows updates – they are important!

If your using a laptop that connecting via wifi connection change it to a metered connection in the network settings.

I disabled them on my Win8 PC cos everytime they installed the graphics got screwed up. No hacks or viruses or emptying of bank accounts or death or destruction of any kind since. 😛

Vulnerabilities are found by MS employees to stop hackers, right? So how come the hackers very rarely find vulnerabilities that the MS people haven’t found yet (but may do in a few months)? Or are the hackers and MS working together? Or do they wait for hacks, then fix whatever’s been hacked?
Why not just make the built in firewalls better?

sorry, but you really have no clue.

there’s a black market for these ‘holes’ and our governments inadvertently fund it by buying the capabilities from these companies selling exploits. M$, Apple and AV companies are trying to stay ahead of it.

sorry, but you really have no clue.

I thought I made that clear. 🙄

It’s been bad with updates since the anniversary issue though but I still would never ever turn off the updates. Get people once a week to do a full restart at lunchtime rather than just switching off in the evening and that can save a lot of the pain of waiting for them to install

Vulnerabilities are found by MS employees to stop hackers, right?

Not always no. Security researchers often find them and disclose to the relevant company before making them public. Often this can mean the patch is circulated before the vulnerability is widely known about.

As above, don’t disable them.

OP – is it new updates each time or one that is failing?

It’s been bad with updates since the anniversary issue

I knew it was coming so I sat there and once it’d downloaded the main one I restarted and restarted until it was done.

You actually have to restart though, so I imagine if you weren’t deliberately doing it like I was the updates would be hanging around for weeks making you think it was always updating when in fact it was waiting to install the same update the whole time.

is it really that inconvenient?
‘install updates and shutdown’, walk away.

Not downloading Windows updates seems a bad plan to me.

it is, but its also a massive PITA.

what i begrudge is them be forced – especially when i’ve got a deadline of some sort and had to reboot. for example, the most recent win10 “feature update” (anniversary) took 1.5 hours on my work PC.

Settings – update and security – windows update advanced settings – select notify to schedule restart.

Just in case it is rebooting automatically at random times when you don’t want it to rather than applying them when you shut down.

the most recent win10 “feature update” (anniversary) took 1.5 hours on my work PC.

Your company should be using windows ltsb that doesn’t get that update, poor of your IT department to let that through.

Hmm… I wasn’t forced, or even nagged. Strange.

There should be a pop-up telling you it’s time to update and you get now or later options

Disable Windows Update?

Don’t do this. It’s a really really bad idea.

Settings – update and security – windows update advanced settings – select notify to schedule restart.

Do this. I did.

Oh, and,

Unless it’s changed with Windows 10 (I haven’t particularly noticed either way), Windows Updates are published monthly on the second Tuesday of the month, so it shouldn’t be a “constant” problem unless you’re continually trying to defer installation and getting reminders. The exception to this is, erm, “exceptional” updates which are released when there’s an update so critical that it can’t wait for the monthly schedule. As you might guess, you probably should be installing these ASAP as there’s a good reason for it.

Major rebuilds like Anniversary Edition are a bit different, they’re out of band with “normal” patches. I think from memory you’ll get offered these when you haven’t applied any other updates for 30 days (and are actually available, ofc).

Not installing updates is why widespread infections like Conficker which had been patched months before it really took hold became such a massive problem.

You can choose to defer upgrades such as the Anniversary edition without affecting updates for security and critical bugs. (It’s in Settings > Update & Security > Windows Updates > Advanced Options)

I have no problem with upgrades generally, but I wish they wouldn’t change the interface. The way the Start menu works has changed significantly on the Anniversary Ed, and I’ve had to spend a while trying to explain it to my 90 year old mother and 84 year old MiL – made harder by my PC not having the upgrade yet.

Couple of interesting snippets – Microsoft have reduced their own testing teams right down; consumers are now pretty much the testers and as new features are added to Windows and other MS products new holes will be found – or worse old ones will reappear…

I reckon it’ll be domestic appliances next:

“In 2017 Russian hackers assembled the world’s biggest botnet by hacking a range of domestic appliances, heating controllers and light bulbs”

It already happened this week. Massive DDOS attacks over 600Gb/s and then 1,000Gb/s. No way was that a Windows OS botnet; more like the Internet of Shit – Cameras, TV’s, thermostats and all the other crap people are pointlessly assinging IP addresses too.

I think it won’t be long and there will need to be legislation in place to state a device has passed adequate testing to be sold as internet connected. It’s not all complicated either, I think most of it is just default admin/root passwords left in place.

Microsoft have reduced their own testing teams right down;

Sauce?

Cougar – Moderator 
Oh, and,
Unless it’s changed with Windows 10 (I haven’t particularly noticed either way), Windows Updates are published monthly on the second Tuesday of the month

Cant say I’ve noticed but I like Update Tuesday as it allows time to prep for the changes coming. Saying that I have seen what I believe to be random updates from M/Soft recently which can cause issues.
The anniversary update was exactly this. I really didn’t expect Sage to stop working on the machines I support and had a few issues sorting those out, more of a pain on the VM’s of MAC users.

thats not a bad idea. most routers ship with settings altered..

those hacks that only target certain eastern euroepean android based smart tv’s were nuts too

Your company should be using windows ltsb that doesn’t get that update, poor of your IT department to let that through.

heh IT dept. we don’t have one. not really.. 6 devs, few more support staff.. couple salesy/admin people thats it really!

I did install ltsb (via my MSDN developer subs) however, the anniv update is being pushed to everyone now. it had downloaded and was patiently waiting for me to reboot – before buggering up my morning 🙂

win 10 sucks balls as far as updates go. they totally break our software in multiple by removing settings during upgrade and we get the fallout.

btw as far as botnets go.. unlike a few years ago when it was rumoured the world was run out dodgy copies of XP i can say that as part of my role gives me an eye into stats of our userbase, and most are on 7 x64 or 10 x64.

x86 (32-bit) is only a 6th of the installed userbase. probably tablets or older machines.

so think microsoft really did get a lot of people onto 10 with the free 7->10 thing. i bought two refurb corporate desktops with OEM 7 licences for home and upgraded both to 10 at just the right time 🙂

Sauce?

Close;

but I wish they wouldn’t change the interface

That is a good point actually. Windows will now be continually upgraded and gradually change over time. They really ought to have a simplified interface for people who just want a few simple things, and not change that.

I really didn’t expect Sage to stop working on the machines I support
…
win 10 sucks balls as far as updates go. they totally break our software in multiple by removing settings during upgrade and we get the fallout.

But of course in a corporate environment you run WSUS and test major updates before rolling them out to everyone. No?

hah yes.. but when your market is anything from companies with 5 seats who employ a local pc shop for their IT to seats with 10,000+ who take 5 years to catch up with the latest versions there’s a huge spread of scenarios.

I live in an area where the broadband speed is poor, 0.8 Mbps last time I checked.
I’m going to remove windows 10 & go back to 7. My home laptop is useless on the internet with 10 installed but my work machine on 7 is fine.

Fyi security and reliability updates will be bundled into monthly cumulative updates pretty soon. That means you won’t be able to uninstall individual kb’s, and even if you could, next month’s patch would include it. A little worrying for any business. Let’s hope someone else identifies any issues and ms resolve before you do!

https://blogs.technet.microsoft.com/askpfeplat/2016/08/30/a-bit-about-the-windows-servicing-model/

Im just going to leave this here…
Mac
🙂