Jump to content
Sign in to follow this  
dinodod

Disabling Windows 10 Updates

Recommended Posts

NOTE: I do not want to hear any comments that I need to run the updates.  I have a business need to disable these updates and will not tolerate anyone telling me to run the updates.

So I have read several articles on some 3rd party app that can disable windows 10 updates easily but I do not trust them simply cause I do not know what they are doing.  So I started making my own app and am currently invetigating the WAASMedic service which appears to be the culprit that forces the updates to run.

Does anyone here know if anyone has made a tool to actually disable the updates?  Would anyone else be interested in such a tool?

Any *FRIENDLY* advise is welcomed.

Thank you


Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Share this post


Link to post
Share on other sites
6 minutes ago, dinodod said:

NOTE: I do not want to hear any comments that I need to run the updates.  I have a business need to disable these updates and will not tolerate anyone telling me to run the updates.

*Friendly advice* too or else what? ;)


SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

I'm sure all I can do is simply delete the post

 


Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Share this post


Link to post
Share on other sites

there is a lot of talk about this, but seriously, none of it work. good luck in your hunt. maybe don't use windows, but Lubuntu instead. MS has made it impossible AFAIK


My resources are limited. You must ask the right questions

 

Share this post


Link to post
Share on other sites

Friendly advice: if you have a business need to not run updates you are doing it wrong. Might work (still wouldn't) if you are in a 2-PC mom and pop store; keep your resume up to date if you are operating this way in an Enterprise.


"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Share this post


Link to post
Share on other sites

Whenever the endpoints in your environment are retrieving payloads from an undesired location, you build an autoit script? 

Why not just block the calls in the firewall?  Or point them at a WSUS or SCCM with nothing in the queue so the update process is successful and you get the desired result of zero updates.

 

Also, update and patch your systems, maintain a current POA&M, secure all the things.  :ph34r:

Edited by iamtheky

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites
11 hours ago, Earthshine said:

there is a lot of talk about this, but seriously, none of it work. good luck in your hunt. maybe don't use windows, but Lubuntu instead. MS has made it impossible AFAIK

Very difficult for sure but I'm willing to look into it...

While I think I crippled the WAASMedic service atm, the WU service was still able to kick on..  This after I deleted the scheduled tasks for WU and the medic.  

 


Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Share this post


Link to post
Share on other sites
10 hours ago, JLogan3o13 said:

Friendly advice: if you have a business need to not run updates you are doing it wrong. Might work (still wouldn't) if you are in a 2-PC mom and pop store; keep your resume up to date if you are operating this way in an Enterprise.

Then you haven't worked in an environment where MS updates have crippled your USB driver and literally shut down a small business for hours.  A small business where AD and WSUS are not an option.  Or where you have independent KIOSKS in the field where you have an 1+ hour drive to service in case of a network loss.  These are but a few examples where MS has and will continue to cripple service because they feel they can manage your updates for you.  They DO NOT care about the fallout THEY cause simple because they don't have to do anything.  We have a schedule that we use which does not revolve around MS's timetable.  And I will be DAMNED! if MS tells me how to manage the updates.  They are not paying us for their fallout and I am quite frankly sick of them doing what they want with no concern.

Until you have felt the burden of a small business, don't give me friendly advise on NOT updating Windows.  

 


Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Share this post


Link to post
Share on other sites
10 hours ago, iamtheky said:

Whenever the endpoints in your environment are retrieving payloads from an undesired location, you build an autoit script? 

Why not just block the calls in the firewall?  Or point them at a WSUS or SCCM with nothing in the queue so the update process is successful and you get the desired result of zero updates.

 

Also, update and patch your systems, maintain a current POA&M, secure all the things.  :ph34r:

I do not work for a enterprise environment, rather, a couple small businesses where AD / WSUS / and SCCM are not feasible (See above post).
FYI  The firewall & GPO are a mute point simply cause MS has circumvented it and I have not found a respectable free firewall to use.  However, the default FW policy I use on kiosks is to simply block all inbound / outbound traffic except for the Credit Card machine & Teamviewer.

We do update the systems on occasion, just not on MS's schedule.

Edited by dinodod

Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Share this post


Link to post
Share on other sites
6 hours ago, dinodod said:

Then you haven't worked in an environment where MS updates have crippled your USB driver and literally shut down a small business for hours.  A small business where AD and WSUS are not an option.  Or where you have independent KIOSKS in the field where you have an 1+ hour drive to service in case of a network loss.  These are but a few examples where MS has and will continue to cripple service because they feel they can manage your updates for you.  They DO NOT care about the fallout THEY cause simple because they don't have to do anything.  We have a schedule that we use which does not revolve around MS's timetable.  And I will be DAMNED! if MS tells me how to manage the updates.  They are not paying us for their fallout and I am quite frankly sick of them doing what they want with no concern.

Until you have felt the burden of a small business, don't give me friendly advise on NOT updating Windows.  

 

My entire business has been built on IT Services for everything from a 1-PC shop to SMBs and large enterprises for the last 20 years, so please do not assume you are unique in your struggles just because you have a few customers.

Yes, Windows Updates are problematic. Yes, they can cause issues. No one ever said just turn them on and let them go like you would grandma's PC at home; if you are working in such a manner with your customers then your "burden" is of your own making. There are things you can (and should) do to properly test and vet patches and updates before they hit client computers. If you lack the desire or the technical aptitude to do this, it is not the fault of the patching process.

But, as you seem to only want to complain about Microsoft, rather than actually fix the issue, I will bow out with a "good luck" (to your customers...)


"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Share this post


Link to post
Share on other sites

you can delay updates and corporations can really put them off, but this is the bandaid approach. I agree with the Moderator on this 1000%, if you are running without the updates you are doing it wrong. the corporate ability to install later gives them time to test everything out for their customer machines.

 

Edited by Earthshine

My resources are limited. You must ask the right questions

 

Share this post


Link to post
Share on other sites

Again,  I don't have a problem installing the updates, we simply do not work on the same schedule as what MS wants.  For MS to simply say your pc gets updated by us IS NOT acceptable.  This is why I am so upset with everyone's response cause you all are assuming that I will NEVER install these updates which is NOT TRUE.  If these updates are of a critical nature due to some flaw that was being exploited at the time, we would rush to install the update(s) as needed.  But these updates are NOT critical.  They are important, sure, but NOT critical.

You are simply bowing down to how MS does business and don't care about your own client's PCs.  You simply are shrugging your shoulders and have the "Whatever" attitude which is wrong.  You think MS has the best solution which is clearly not true.  MS has a LONG history of issues with their updates breaking things and I WILL NOT!!  ... WILL NOT!!!  ... allow MS to continues to manage my systems their way when the end result cripples PCs and businesses suffer.  How there isn't a class act against this form of tyranny is beyond me.

So since no one can offer me anything useful, I'm just going to close this thread and walk away.  I can't wait till the next flawed update cripples your systems.

Thanks for nothing

 


Digital Chaos - Life as we know it today.I'm a Think Tank. Problem is, my tank is empty.The Quieter you are, the more you can HearWhich would you choose - Peace without Freedom or Freedom without Peace?Digital Chaos Macgyver ToolkitCompletely Dynamic MenuSQLIte controlsAD FunctionsEXCEL UDFPC / Software Inventory UDFPC / Software Inventory 2GaFrost's Admin Toolkit - My main competitor :)Virtual SystemsVMWAREMicrosoft Virtual PC 2007

Share this post


Link to post
Share on other sites
12 hours ago, dinodod said:

The firewall & GPO are a mute point simply cause MS has circumvented it

The point is only moot of your own volition, and only for yourself.  I maintained and hardened 25k tactical systems, i may not know the burdens of small business and 1-hour drives, but putting soldiers lives at risk and getting in a bird to go fix shit on a FOB half the world away is probably a close second.

You seem to think people are dissuading you from your intent, when we are only conveying that your method chosen is both lacking structure and not extensible.  The premise in your statement is flawed, not the suggestions from knowledgeable users.

But since no one here can force feed you the usefulness, you might rather enjoy the walk instead.

 

Edited by iamtheky

,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites
42 minutes ago, dinodod said:

So since no one can offer me anything useful, I'm just going to close this thread and walk away. 

Sounds like an awesome idea, enough whining and mewling for one thread.


"Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball

How to get your question answered on this forum!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...