News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

  • 2000004: How to apply the Win7 and 8.1 Monthly Rollups

    Posted on woody Comment on the AskWoody Lounge

    Home Forums Knowledge Base 2000004: How to apply the Win7 and 8.1 Monthly Rollups

    This topic contains 45 replies, has 11 voices, and was last updated by  PKCano 5 months ago.

    • Author
      Posts
    • May 20, 2017 at 5:39 pm #116993 Reply

      woody
      Da Boss

      AKB 2000004: How to apply the Win7 and 8.1 Monthly Rollups

      By @woody

      Published 29 July 2017 rev 1.12

      For those in “Group A” — the ones who want to use Microsoft’s preferred patching method, and aren’t overly concerned about increased telemetry (which is to say, snooping), here’s how to get your monthly rollup going, without succumbing to Automatic Updating.

      For those in “Group A” who want to minimize Microsoft’s snooping but still install all of the offered patches, turn off the Customer Experience Improvement Program before you begin.
      Click Start > Control Panel > Action Center. On the left, click the link to Change Action Center settings. Under Related settings, click Customer Experience Improvement Program settings. Choose No, I don’t want to participate in the program. Click Save changes.

      Step A1: Get your settings right.

      In Win7, click Start > Control Panel. In Win 8.1, press Win-X and choose Control Panel. Click System and Security. Under Windows Update, click the link marked “Turn automatic updating on or off.” Make sure Windows Update is set to “Never check for updates (not recommended),” then check the boxes marked “Give me recommended updates the same way I receive important updates” and “Give me updates for Microsoft products and check for new optional Microsoft software when I update Windows.” Click OK.

      Step A2: Check for updates.

      Back in the Control Panel, under Windows Update, click the link to Check for Updates. (You may have to click Check for Updates a second time.) If you’ve done a Group A run in previous months, the check should go quickly. If it lingers for hours, follow these steps. Don’t check any unchecked boxes. If you have no intention of updating this machine to Win10 in the near future, look for KB 3150513 and make sure it’s unchecked.

      Step A3: Get rid of problematic updates.

      The list of problematic updates changes every month, so you’ll have to watch the main AskWoody blog page for details. Look for MS-DEFCON posts; they’re clearly marked. In general, if you have no intention of updating this machine to Win10 in the near future, look for KB 3150513 and uncheck the box.

      Step A4: Install the patches.

      Click the button marked Install Updates and follow the instructions. You’ll end up with the Security Monthly Quality Rollup; all of your Office patches; maybe some .Net patches; Adobe Flash fixes; the Microsoft Security Essentials update; and the usual MSRT scanner. After the reboot, everything will be set to block automatic updates.

      Step A5: Wash, rinse, repeat.

      Go through Steps A2 to A4 again, to see if Windows Update picked up any new patches. Repeat until there aren’t any more additional patches. When you’re done, you’re done, but be sure to watch this site next month to see when the unpaid beta testers are done.

      You have to update your Windows computer. But you don’t have to update it according to Microsoft’s timetable.

      12 users thanked author for this post.
      deanwmn, willygirl, cesmart4125, Microfix, DeWayne12, Morty, MrToad28, Hugo, HiFlyer, ch100, MrBrian
    • May 20, 2017 at 6:54 pm #117019 Reply

      MrBrian
      AskWoody_MVP

      What is KB3010513?

      Also, after completing step A4, I recommend to keep repeating steps A2 to A4 until there are no ticked by default updates remaining after step A3.

      1 user thanked author for this post.
      cesmart4125
    • May 21, 2017 at 3:18 pm #117263 Reply

      MrBrian
      AskWoody_MVP

      As far as I know, there is no need to avoid KB 3150513.

      • May 21, 2017 at 3:36 pm #117268 Reply

        ch100
        AskWoody_MVP
        MrBrian wrote:

        As far as I know, there is no need to avoid KB 3150513.

        KB3150513 does not have any meaning and it cannot be installed on Windows 7 and 8.1 without KB2952664/KB2976978 as pre-requisite. It can be installed on Windows 10 and 2016 because the pre-requisite is already built-in.
        I think we are wasting time with non-sense trying to analyse various patches instead of recommending end-users how to tune and use their computers at their maximum potential.

        • July 3, 2018 at 6:35 pm #201199 Reply

          cesmart4125
          AskWoody Plus

          One time I didn’t follow Ms. Susan’s advice, and I wound up with no audio.  Simply uninstalling the patch and going back to an earlier restore point didn’t fix the problem.  Unfortunately, I didn’t understand how to use Macrium Reflect and hadn’t used it beforehand.

          Attachments:
    • May 22, 2017 at 9:07 am #117583 Reply

      MrToad28
      AskWoody Lounger

      Please explain advantage of this “turn off automatic updates” method over “check for updates but let me choose whether to download and install them” option.

      I’ve never had an update install without my having initiated it using the “check for updates…let me choose” option. Am I missing something?

      1 user thanked author for this post.
      ZemplinTemplar
      • May 22, 2017 at 11:34 am #117628 Reply

        AlexN
        AskWoody Lounger

        Mostly, it saps your computers performance heavily.  But it also will eventually auto-install the updates whether you like it or not.

        Fortran, C++, R, Python, Java, Matlab, HTML, CSS, etc.... coding is fun!
        A weatherman that can code

        3 users thanked author for this post.
        cesmart4125, Lori, MrToad28
        • May 23, 2017 at 5:17 pm #117914 Reply

          MrToad28
          AskWoody Lounger

          Prior to the May patches…or more specifically the May .net patch, I wasn’t experiencing system drag, but after that .Net patch CPU cycles went way high…40-50% on several Win7-64 pc’s.

          The primary culprit seems to be trusteninstaller.exe I stopped it and then switched to “Never check..” and that seems to have halted the CPU overrun.

          • May 23, 2017 at 5:28 pm #117915 Reply

            PKCano
            Da Boss
            MrToad28 wrote:

            The primary culprit seems to be trusteninstaller.exe

            trustedinstaller.exe is the installer for Windows Update. It sometimes runs high CPU for as much as 10 minutes after update/reboot to complete the install process.

            3 users thanked author for this post.
            willygirl, cesmart4125, Lori
    • May 22, 2017 at 9:15 am #117585 Reply

      MrToad28
      AskWoody Lounger

      I would add the following cautious options:

      If you have multiple similar PC’s with similar configurations, patch the least important one first it see if anything specific to your boxes doesn’t play well with the current patch.

      Create one or more restore points before patching.

      Apply major patches…the security roll-up and the .net roll-up separately and create a restore point in between.

      1 user thanked author for this post.
      Lori
    • May 22, 2017 at 11:44 am #117634 Reply

      Marty
      AskWoody Plus

      I’ve been in Group A for several months, but I have never understood the rationale for accepting ““Give me recommended updates the same way I receive important updates”. I do not check that box, since I don’t want anything but the updates that are designated as “important”. And having followed this procedure for several months, the list of optional/recommended updates has remained, without any of them having been installed.

      • May 22, 2017 at 11:57 am #117640 Reply

        PKCano
        Da Boss

        Group A follows the above instructions. Guess you must not be in Group A, but somewhere between Group A and Group B (which does not check “Give me recommended updates the same way I receive important updates” box).

        • May 15, 2019 at 11:15 am #1628321 Reply

          willygirl
          AskWoody Plus

          I’m in the same category then, in between GrpA/B because I have always avoided receiving Recommended Updates the same as Important. In this month’s patching process should I switch back, and as noted by Woody to receive all Recommended Updates the same as Important? Thanks

          Win7 SP1 Home 64-bit, GrpA

          • May 15, 2019 at 11:22 am #1628329 Reply

            PKCano
            Da Boss

            For now, you should just worry about the May updates. Come back with your question later in the month – get protected from the vulnerability first.

            1 user thanked author for this post.
            willygirl
    • May 22, 2017 at 1:16 pm #117654 Reply

      MrToad28
      AskWoody Lounger

      May I assume the April recommendation not to install optional roll-up preview patches still stands?

      I’m not keen on being an unpaid patch beta tester…

      • May 22, 2017 at 1:18 pm #117655 Reply

        PKCano
        Da Boss

        Don’t install any “Preview” patches. They are unchecked by default.

        1 user thanked author for this post.
        MrToad28
    • May 22, 2017 at 7:52 pm #117770 Reply

      rb
      AskWoody Lounger

      Dummie here and hoping to get some help.

      I’m stuck at step one. Not sure when it happened (I suspect it’s when I installed GWX Control Panel back when; it’s since been uninstalled), but I’m not able to change my WU setting to “don’t check”; it’s stuck on “check but let me choose” and any option to change it is grayed out.

      Just read from AlexN above that this setting saps my computer’s performance. Could this be a reason why my fan revs so much? That noise irks me to no end.

      I believe the settings issue has been addressed before, so I apologize for returning to it, but I missed the solution, or if there is one.

      Many thanks for the wealth of knowledge shared here.

      • May 22, 2017 at 9:46 pm #117788 Reply

        ch100
        AskWoody_MVP

        You have group policy configured.
        If you are not aware of it, then it is possible that other software set it for you.
        Windows Update MiniTool is known to do this.
        If you use WUMT, then configure for Automatic and your settings should become available again.

        • May 23, 2017 at 9:22 am #117866 Reply

          rb
          AskWoody Lounger

          Thanks for your reply, ch100.  No, I don’t have WUMT.  How would I go about determining if group policy is configured, and if it is, how may I reverse it?

          Really appreciate your help and patience.

    • May 23, 2017 at 6:11 pm #117916 Reply

      BrianL
      AskWoody Lounger

      @ PKCano    Do I get rid of Trusted Installer, or just find a way to disable it?  My Windows  update settings have been stuck on “Don’t download or install without permission” and it is grayed out.  I can check or un-check the boxes below the selection bar….. In picking the change settings, that is where this is.  It has been grayed out since I had the severe blue screen problem on the first of Dec 2016.  The computer was cleaned and the  original OS was reinstalled. It stopped running correctly again last of March.  I used “safe Mode” and changed out of “raid” and checked ‘OK’ and rebooted; blue screen gone and windows came right up.  But update setting was still grayed.  After reinstall, using RAID, I could not even ask it to look for updates.  After changing out of RAID, even with change setting grayed I could look for updates and they would come in. I didn’t loose any  files.

      • May 23, 2017 at 6:35 pm #117922 Reply

        PKCano
        Da Boss
        BrianL wrote:

        Do I get rid of Trusted Installer

        TrustedInstaller.exe is the installer for Windows Update. You definitely DON’T want to get rid of it.

        RAID is sometimes the default BIOS setting (older PCs). I’ve been caught by that myself a couple of time too.

        BrianL wrote:

        It has been grayed out since I had the severe blue screen problem on the first of Dec 2016

        Did you have GWX Control Panel on your computer before the blue screen. It blocked the settings so GWX wouldn’t change it to Auto and install Win10. There is a Registry setting I think will fix it. If you’re not familiar with the Registry, get someone who is to help you. I think 5 may be what you want.

        1) Hold WindowsKey + R
        (is hold Start & press R on your keyboard)

        2) Type: “regedit”
        Hit Enter

        3) Go to:
        HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

        Find AUOptions.
        Double Click AUOptions or Right Click Modify

        > You can change the values data from 1 through 5 <

        1. Install updates automatically (recommended)
        2. Download updates but let me choose whether to install them
        3. Check for updates but let me choose whether to download and install them
        4. Install updates automatically / Never Check For Updates
        5. Enable the option box to choose manually

         
        Edit to correct numbering

        3 users thanked author for this post.
        HiFlyer, BrianL, rb
        • May 24, 2017 at 6:16 pm #118050 Reply

          rb
          AskWoody Lounger

          @pkcano Thank you! Such a simple solution to my problem as well! However, when I changed the value to 5 (enable me to choose option manually), back at the Windows Update Settings page, there were only 3 options to choose from: install updates automatically; download but let me choose; check for updates but let me choose..; NO option to “Never check for updates” listed.

          Since the GWX campaign ended and with it my GWX Control Panel, I’ve been in group B. However, seeing that Woody’s recommending those of us with limited computer experience/knowledge to move to Group A, I don’t really understand why it’s best to enable “Never Check for updates”.

          Question: On the list of values you provide above for the AUOptions, how would I set it to 4 “Never Check for Updates” vs 4 “Install Updates Automatically”? Is there a toggle button or something that will make it clear what I’ve chosen?

          1 user thanked author for this post.
          HiFlyer
          • May 24, 2017 at 6:26 pm #118052 Reply

            PKCano
            Da Boss

            Unplug your computer from the Internet so you won’t get any surprises and try it. See what 4 does. You can always change it back. It may be 4 gives you what you want. Let us know what you find.

            1 user thanked author for this post.
            HiFlyer
            • May 24, 2017 at 7:01 pm #118055 Reply

              rb
              AskWoody Lounger

              Good news: following my switching the value to 4, the WU settings page simply offered all 4 options, including the one to turn off updates! At long last!

              I’m a happy camper, thanks to you.

              1 user thanked author for this post.
              HiFlyer
            • May 24, 2017 at 7:10 pm #118056 Reply

              PKCano
              Da Boss

              🙂 🙂

              1 user thanked author for this post.
              HiFlyer
    • May 24, 2017 at 10:07 am #117995 Reply

      BrianL
      AskWoody Lounger

      @ PKCano  I have regedit on my bar at bottom of screen along with services, for easy access. I have fiddled with both and am somewhat acquainted with them.  Am going to try your  suggestions in the next hour.   ALSO, I downloaded “WireShark”, but haven’t used it yet. Also downloaded “MS Malicious Software  Removal Tool”.  So far entering a software screen or web page or changing screens is a little slower than before and but changing within screens is fast as ever.

    • May 24, 2017 at 10:42 am #117996 Reply

      BrianL
      AskWoody Lounger

      @ PKCano  Did as you stated in regedit and it worked perfectly.  Thanks to you for your invaluable instructions.

    • May 25, 2017 at 8:10 am #118106 Reply

      BrianL
      AskWoody Lounger

      @ PKCano  till have not use WireShark.  Will let you know how it worked>

    • May 27, 2017 at 10:16 am #118322 Reply

      BrianL
      AskWoody Lounger

      @ PKCano  Question?  In the windows update settings I have no Red label. In other words the box with “Never check for updates”  is not there.  The other boxes are.  As per your advice I went into regedit and found the correct line and change it to 5.  That gave me a choice that was available before.  as I had no choices before.   I think that back in November/December 2016 I had a collapse of my Windows 7 SP1 x64, the Computer
      Sepecialist that I had reinstall the original OS did as I instructed (I don’t want to install any updates from MS anymore).  Could this have causes the update acquiring problem?

      • May 27, 2017 at 10:35 am #118325 Reply

        PKCano
        Da Boss

        In the Registry setting, try 4. I think it will give you four choices, Never being one of them.

    • July 30, 2017 at 7:07 am #127142 Reply

      MrBrian
      AskWoody_MVP

      In steps A2 and A3, I recommend removing the sentence mentioning KB 3150513.

      • July 30, 2017 at 8:45 am #127152 Reply

        PKCano
        Da Boss

        Since Group A is (supposedly) not concerned with telemetry, they probably have installed KB2952664/KB2976978. But if they are not planning to upgrade, is there any reason to need KB3150513?

        • July 30, 2017 at 10:56 am #127166 Reply

          MrBrian
          AskWoody_MVP

          Yes, because KB 3150513 contains the latest definitions for KB2952664/KB2976978. I see no good reason for a user with KB2952664/KB2976978 to do extra work to avoid the latest definitions for KB2952664/KB2976978.

          1 user thanked author for this post.
          ch100
          • July 30, 2017 at 4:19 pm #127219 Reply

            ch100
            AskWoody_MVP

            I think this has more to do with uninstalling in the correct order if the patches got installed or if there is a change of mind.
            People should be aware that the installation order is KB2952664 and next KB3150513, while for uninstalling, it should be quite the opposite, first KB3150513 (all patches if multiple) and next KB2952664 (again, all patches, if multiple).

    • July 30, 2017 at 11:02 am #127168 Reply

      MrBrian
      AskWoody_MVP

      Recommendation: Add a step at the end (for those that care about telemetry) linking to 2000007: Turning off the worst Windows 7 and 8.1 snooping.

      • July 30, 2017 at 11:32 am #127176 Reply

        PKCano
        Da Boss

        Group A is for people not concerned about telemetry. “Keep it simple, just do it.”
        The part to turn off CEIP is already there.

        • July 30, 2017 at 12:01 pm #127183 Reply

          MrBrian
          AskWoody_MVP

          In that case, for the sake of consistency, perhaps the recently added CEIP paragraph should be removed.

          • July 30, 2017 at 12:25 pm #127189 Reply

            MrBrian
            AskWoody_MVP

            The presence of the CEIP paragraph without also mentioning AKB2000007 might give users the false impression that doing the CEIP part is sufficient.

            • July 30, 2017 at 12:48 pm #127193 Reply

              PKCano
              Da Boss

              Group A people are not inclined to the complexities of removing telemetry in detail. Turning off CEIP can be done easily through the GUI and I believe is sufficient for people who “aren’t overly concerned about increased telemetry” as the topic states.

              I am not inclined to make it overly complicated for this group (unless there is overwhelming consensus to do so).

            • July 30, 2017 at 3:25 pm #127215 Reply

              ch100
              AskWoody_MVP

              Error Reporting which I mentioned is in the same class.
              In Windows 10 can only be turned off via Group Policy or by direct editing of the registry.
              In Windows 7 and 8.1 it can be configured in GUI.
              It tends to record and send more relevant data back to Microsoft than CEIP, but I turn it off for reasons of space wasted and performance.

              1 user thanked author for this post.
              HiFlyer
    • October 14, 2017 at 11:09 am #137451 Reply

      MrBrian
      AskWoody_MVP

      Important: Group A (Win 7 and 8.1) might be missing updates if don’t hide unwanted updates.

      1 user thanked author for this post.
      walker
    • December 8, 2017 at 9:40 am #150835 Reply

      BrianL
      AskWoody Lounger

      To rb : I found that the use of so high powered programs might cause the fan(s) to run But a dirty fan will most likely be the culprit. Turn off, unplug and use vacuum to clean all fans. Fans attract dust you can’t see.

    • May 26, 2018 at 12:57 pm #194572 Reply

      cesmart4125
      AskWoody Plus

      Patch Watch may have been like this previously; however, I didn’t notice it.  For kb 4103718, it says this is the monthly roll up and there have been networking issues.  There’s no mention of kb4103718 being safe to install.  A similar situation exists for kb4099633 and the updates for Office 2010.

      Should I wait until next weekend to install May’s updates?  Thanks in advance for your advice.

      Win 7 32 bit SP1, Office 2010 SP2, Intel Core 2 Duo @ 1.80 GHz, 4.0 GB RAM

      Attachments:
      1 user thanked author for this post.
      walker
      • May 26, 2018 at 1:13 pm #194576 Reply

        PKCano
        Da Boss

        The Master Patch List (see button at top of blog home page) is a guide to whether the patches have problems (or not).

        The DEFCON number at the top of the page is a guide to patching. When Woody raises the DEFCON mumber to 3 or above, he also publishes an article in ComputerWorld that contains the cautions and instructions for updating safely.

        2 users thanked author for this post.
        cesmart4125, walker
    • Author
      Posts

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: 2000004: How to apply the Win7 and 8.1 Monthly Rollups

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.

Recent Replies

Recent Topics

October 2019
M T W T F S S
« Sep    
 123456
78910111213
14151617181920
21222324252627
28293031  

Copyright © 2019 AskWoody LLC. All rights reserved.

Powered by WordPress
Theme designed by My Mobiles, modifications by PapayaSoft