![]() |
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Michael Horowitz: Killing Windows Update on Win10
Home › Forums › AskWoody blog › Michael Horowitz: Killing Windows Update on Win10
Tagged: Block Win10 updates
This topic contains 30 replies, has 7 voices, and was last updated by
anonymous 1 month, 1 week ago.
-
AuthorPosts
-
Horowitz has a fascinating “cheat sheet” reviewing various methods of blocking Win10 updating. With Windows 10, there are three aspects to disabling W
[See the full post at: Michael Horowitz: Killing Windows Update on Win10]9 users thanked author for this post.
-
I use a combination with metered connection and Wushowhide, at least that has worked for me, this is in the case I plan to update if not, the above mentioned plus disabled services.
Just someone who don't want Windows to mess with its computer.-
anonymousIf you switch to a Windows restricted/standard user does the Metered connection still show as enabled? Of course, what Windows 10 displays and what it does are not guaranteed to be the same thing.
-
anonymousJust curious which versions of W10 you are running (and home/pro) – each versions has been a changing landscape for possible options.
-
-
I use a combination with metered connection and Wushowhide …
If you switch Windows users, does the metered connection remain on? For Ethernet? For Wifi SSIDs?
Get up to speed on router security at RouterSecurity.org
-
anonymousYou would have to keep Windows Update and fiends locked down because metered status is to be set for each new connection. I had to change a network and wasn’t very careful, and all the Microsoft malware wanted to come flooding into Windows 10.
-
Yes, a problem with this approach is the first time you connect to a new Wi-Fi network, it is not metered by default so Windows Update does its thing.
Get up to speed on router security at RouterSecurity.org
-
-
anonymousAddressing your first question, yes the connection will remain metered status while switching users. Also, Microsoft has demonstrated the ability to override metered status when it suits them.
-
-
anonymousThere are ways to use the registry to stop “unstoppable services” I done this few times. If I remember right, it involves changing the start number in data to a 4
-
anonymousYes, some details are here
https://www.wintips.org/how-to-turn-off-windows-10-updates-permanently/
and it does suggest changing the Start key to 4. However, since some of Windows Update is specifically designed to roll back this type of hacking, you can’t count on registry updates sticking any more.
-
-
With the advent of 3rd party (free) blocking apps this should be a mute issue for those concerned enough about blocking Win10 updates to do something about it. It’s ridiculously easy. I might add that since I have added an update blocker app I have seen no ill side effects from doing so. (Oct 10, 2018 added)
Now, blocking Win10 telemetry is another animal. I am looking for an app as EASY and safe (and reversible) as the update blocking is. While there are apps available, they have pitfalls I am not ready to risk using. I have my fingers crossed hoping for one soon. I know some will say this isn’t a good thing to do, windows needs this info to make adjustments and improvements to windows … we have seen and continue to see the end results of this fallacy. Call it what you want, it’s spying without any control. The (pun intended) window dressing controls available now are an insult to any intelligence.
Edit to add: Windows Home, Version 1803 (OS Build 17134.165)
-
This reply was modified 2 months, 1 week ago by Bluetrix.
1 user thanked author for this post.
-
anonymous@bluetrix
What update blocker app do you use?-
@bluetrix What update blocker app do you use?
http://greatis.com/blog/stopupdates10 <— program is here, developers site.
(There are others out there in internet land but I use this one)
I am including an excerpt outlining what the program does I copied from:
https://www.thewindowsclub.comI hope this helps all or just one of the many readers here. I do intend to update, perhaps when the MS-DEFCON rating is more palatable.
How StopUpdates10 works
If you are curious enough, the developer of the tool has provided us with the entire list of actions that happen in the background. The tool makes the following changes:Registry Values: The program automatically changes the registry values for 7 registry keys for you so that you do not have to do it manually. All the registry changes can be easily restored back with the restore button.
Windows Update Service: StopUpdates10 completely stops this service and prevents it from auto-starting, essentially killing the automatic updates mechanism.
(I deleted what it changes, that can be read at https://www.thewindowsclub.com)
Restoring changes is also easy as is. All you need to do is hit the Restore Windows Updates button, and all the changes will be rolled back. The program also displays the status of Windows Update. Apart from that it also provides you with command line features so that you can include StopUpdates10 in your scripts as well.-
This reply was modified 2 months, 1 week ago by Bluetrix.
1 user thanked author for this post.
-
anonymousI would not use that program. For one thing, it is closed source, not open. It changes registry values for 7 things. What things? There are at least 15 scheduled tasks involved with Windows Update. It stops one Windows Service when there are likely to be four involved with Windows Update. And while it may have prevented the service from being re-started in the past, Windows Update is getting more aggressive in this and its not clear when the program was last updated. Finally, it blocks processes. How? None of our business.
-
I would not use that program. For one thing, it is closed source, not open. It changes registry values for 7 things. What things? There are at least 15 scheduled tasks involved with Windows Update. It stops one Windows Service when there are likely to be four involved with Windows Update. And while it may have prevented the service from being re-started in the past, Windows Update is getting more aggressive in this and its not clear when the program was last updated. Finally, it blocks processes. How? None of our business.
That’s okay by me if you don’t want to use it because it’s a “closed source”. Windows10 is fully open I guess. Perhaps it who or what reviews you trust. Maybe it’s a closed source because the developer didn’t want anyone to commercialize his freely offered work.
As far as what the program actually does I provided a link to that, but to be more precise here is the link to the actual review so you don’t have to search for it in windowsclub forums. It includes everything I didn’t include, as I said my post was only an excerpt.
https://www.thewindowsclub.com/block-updates-windows-10-stopupdates10
You asked what program I used, ymmv, but it works for me. 🙂
btw, I use free programs that are a closed source, so far so good. To name just a few : Adaware, Ublock, CCleaner, and those are just three of to many to list.
Apologies for OT segue mods 🙂
-
-
This reply was modified 2 months, 1 week ago by
-
-
anonymousThanks for post the update blocker app. I might try it and see how it. Thanks again.
-
This reply was modified 2 months, 1 week ago by
-
anonymousMr. Brian posted a link to a batch script months ago for stanching Windows 10 update malware behavior, it has worked well on 1607 and also has been updated for other versions. If Window’s own firewall rules are honored that can help.
You should be able to find a basic printer driver from the printer manufacturer, some companies have a smaller core package. Because of a feature you may need or want sometimes you have to get the fat driver package, the good fat driver package installers will let you choose a custom installation and trim packages.
You all have enough intellect to manage your own printer folks, Windows 10 doesn’t need to do that job.
-
Anything permission-locked can be unlocked with the help of NSudo 🙂
-
anonymousMichael Horowitz missed in his article that you can actually deal with and remove sedsvc easily–it’s part of the trash that gets installed in C:\Program Files\rempl on a-few-months-out-of-date Win10 installations. It is the much-maligned KB4023057, cursed be its name, which is re-released every month despite the lamentations of the righteous.
Installation of it can be easily prevented by doing the following:
1. Uninstall it in Control Panel/Programs and Features. It’s in the list of installed software, not in the list of updates. Microsoft is tricky. I had a different word in mind but its not terribly polite.
2. Make a C:\Program Files\rempl folder. If one already exists, delete it and remake it to ensure you have ownership.
3. Deny all permissions to C:\Program Files\rempl for all accounts except administrators. You can do this with the permissions dialog or with icacls or some other utility. This will prevent any files being placed in the rempl folder, which will prevent the reinstallation of the loathed KB4023057.
Any attempts by Windows Update to install KB4023057 every month will simply fail because the files can’t be written. If you forget to run wushowhide every month, this will potentially save you from a ninja installation of KB4023057 resulting in a possible forced “upgrade” to 1809, with all the blue-screens, bugs, wasted hours, sadness, and failure that implies.
-
anonymousMay be version dependent. 1803 contains the C:\Program Files\remp folder but there is no uninstall option.
-
-
anonymousAn anti-exe such as voodooShield can help block the various processes, but it requires you to approve every process which may be annoying to some. The same with a 3rd party firewall. Both require ‘Insane Paranoid’ mode.
What is of interest is the variety of processes that fire up over time. With 1709, every 2 months something new would appear to repair any alterations made to stop updates.
I broke the process by taking ownership of the folder for Update Orchestrator in Scheduler, sys32 and deleted the files. You can return them, or just download an ISO for update later.
Be warned, Win10 is tricky so don’t set and forget; a process will fire up at some stage to make changes to update.
Of course a backup can be restored return normality and investigate where it went wrong.Edited for HTML. Please use text tab for copy/paste.
-
every 2 months something new would appear to repair any alterations made to stop updates.
This is one real purpose of the AI and telemetry: to find out what people are doing to block updates.
-
-
anonymousIf there is no way left, just block the connection using the hosts file or alternatively a self managed DNS server.
Adding update.microsoft. com and windowsupdate.com resolving to 127.0.0.1 should work. I would prefer the DNS server method.
-
anonymousThis article mentions 15 different Windows Update domains that are blocked
https://www.reddit.com/r/Windows10/comments/7xxup9/permanently_disabling_windows_10_upgrade/
My experience has been that DNS can only block one sub-domain at a time. That is you have to specifically block a.example.com and b.example.com and c.example.com individually, you can not globally block all of example.com. Am I wrong about that?
A self-managed DNS server sounds like a great idea, but any device on the network that uses a VPN bypasses this blocking.
-
-
anonymousI use DNS blocking in Router on my Windows 10 Home using this as reference :
https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1709-endpoints
https://docs.microsoft.com/en-us/windows/privacy/windows-endpoints-1709-non-enterprise-editions
https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1803-endpoints
https://docs.microsoft.com/en-us/windows/privacy/windows-endpoints-1803-non-enterprise-editions
https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1809-endpoints
1 user thanked author for this post.
-
Great links, thanks.
DNS blockages in a router have the advantage of working for all PCs on the LAN. But, any computer using a VPN bypasses the router for both DNS and firewalling. DNS blockages on one computer were, I thought, impractical because each subdomain has to be specified individually and this Microsoft doc does not do that.
For example, if you want to block *.hwcdn.net as per the Microsoft documentation, how would you? DNS, at least the hosts file, does not do generic. You would have to block a.hwcdn.net and b.hwcdn.net and c.hwcdn.et, etc etc. So, what specifically do block in DNS?
Get up to speed on router security at RouterSecurity.org
-
-
Addressing your first question, yes the connection will remain metered status while switching users. Also, Microsoft has demonstrated the ability to override metered status when it suits them.
Where did you read about Microsoft over-riding the metered status? And, in my testing, limited though it was, a restricted/standard user had the metering off, even though an Admin user on the same machine had it on.
Get up to speed on router security at RouterSecurity.org
-
anonymousI have been staying at version 1607, and is it possible with newer versions to change the metered status separately from the Administrator? Is there a per-user registry setting to control metered connection state?
Where did you read about Microsoft over-riding the metered status?
Why here at AskWoody of course and from this, and here, this one, and from some of these links over here.
-
-
anonymousHi, Michael,
just in case you didn’t hear from nsudo, to have more rights on W10:
http://www.majorgeeks.com/files/details/nsudo.htmlI could disable the task ‘PerformRemediation’ via the help of nsudo, but there must be another task re-enabling it again, and i didn’t spent to much time searching for it.
Regards, Karlheinz
Edit: Removed email address for security reasons. -
anonymousStopUpdates10 stops window from updating; hence, I will need to have StopUpdates10 restore updates to get software upgrades and updates. StopUpdates10 does not mess with windows defender updates; hence, I will still have up to date virus definitions. It’s this correct?
Out of curiosity, how often do you re-enable updates?
Thx
-
AuthorPosts
Comments are closed.
-
-
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced.

Plus Membership
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search The Lounge
Recent Replies
-
PKCano on Synchronizing time/date on printer and computer3 minutes ago
-
Slowpoke47 on Synchronizing time/date on printer and computer9 minutes ago
-
OscarCP on Still no "Select File" Box??17 minutes ago
-
anonymous on Patch Lady: Still on Win7? Get over it, for security’s sake
17 minutes ago -
Sueska on Synchronizing time/date on printer and computer18 minutes ago
-
warrenrumak on Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March20 minutes ago
-
anonymous on Patch Lady: Still on Win7? Get over it, for security’s sake
20 minutes ago -
TaskForce141 on Patch lady – Make sure your 1099s are private31 minutes ago
-
Microfix on Still no "Select File" Box??31 minutes ago
-
OscarCP on Pssssst… I still don’t believe the part about Microsoft testing 20H1, then jumping back to 19H232 minutes ago
-
PKCano on Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March44 minutes ago
-
anonymous on Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March
46 minutes ago -
CADesertRat on Still no "Select File" Box??46 minutes ago
-
Bluetrix on Still no "Select File" Box??54 minutes ago
-
TaskForce141 on Patch Lady: Still on Win7? Get over it, for security’s sake57 minutes ago
-
OscarCP on Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March1 hour, 14 minutes ago
-
Sinclair on Tell me the truth – Which is better, Chrome or Firefox?1 hour, 20 minutes ago
-
woody on Still no "Select File" Box??1 hour, 21 minutes ago
-
anonymous on Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March
1 hour, 32 minutes ago -
samak on Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March1 hour, 41 minutes ago
Recent Topics
-
Tell me the truth – Which is better, Chrome or Firefox?
1 hour, 20 minutes ago
-
Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March
20 minutes ago
-
New to AskWoody from Windows Secrets Lounge
7 hours, 23 minutes ago
-
Testing Image Importing and then Deleting Post
7 hours, 47 minutes ago
-
Creating a list of Web sites on operating systems security.
7 hours, 45 minutes ago
-
The Ultimate Malfunction/Windows Nervous Breakdowns
14 hours, 9 minutes ago
-
Outlook calendars make me crazy
1 day, 3 hours ago
-
Still no "Select File" Box??
17 minutes ago
-
Pssssst… I still don’t believe the part about Microsoft testing 20H1, then jumping back to 19H2
32 minutes ago
-
advice regarding possible upgrade to win10
1 day, 9 hours ago
Search for Topics
Recent blog posts
- Microsoft updates its schedule for SHA-2 ‘critical’ Win7 update, now due in March
- Pssssst… I still don’t believe the part about Microsoft testing 20H1, then jumping back to 19H2
- Win10 updating terminology is changing again – but this time maybe it’s tied to a major improvement
- Fred Langa: How do I unfreeze my laptop? I’ve pressed ctrl-shift-del but it did not work
- Miscellaneous, minor problems with the Patch Tuesday patches