Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsMicrosoft WindowsWindows 10 - How to Disable Updates
JimmyH

2898 posts

Uber Geek
+1 received by user: 1554


#228668 16-Jan-2018 18:42
Send private message

I have a machine that I use for performance tasks, such as heavy-duty video encoding, and it doesn't really hold *any* sensitive information.

 

I have read about the Spectre and Meltdown patches damaging performance generally, as well as (in some cases) making machines unusable. I have already had experience of having to roll the Creator's Update back after it broke some functionality I was using.

 

I am aware that I can disable updates using the group policy editor on the Pro version of Windows, but I only have the Home version installed on that box. Is there any way of disabling updates on a Windows 10 box. I would rather not take the performance hit, ongoing risk of stuff breaking, and the general annoyance at this point. So, does anyone know how to do this and, if so, how do you do it?

 

Ideally I don't want to have to spring the extra to upgrade Windows to the Pro version so that I can disable updates using the group policy editor, but I guess I will have to do so if there is no other way. I also don't want to have to block all the update IPs at the router, as that would disable updates on my other box and the Wife's laptop, both of which I do want to keep updated.

 

To stop this going down a side-alley, I want to be clear I'm also not looking for stern homilies about why I should leave updates enabled and why/how they protect me. I'm aware of that and the risks involved in disabling them.

Filter this topic showing only the reply marked as answer Create new topic
mentalinc
3384 posts

Uber Geek
+1 received by user: 1023

Trusted

  #1940085 16-Jan-2018 19:09
Send private message

What CPU do you have?

 

Is the video processing is being accelerated by your GPU at all?

 

Have you seen benchmarks for the exact workload you're using, alot are for benchmark apps and dont really represent real world...

 

 




CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB:  Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

 

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX 



yitz
2239 posts

Uber Geek
+1 received by user: 594


  #1940090 16-Jan-2018 19:22
Send private message

Through services.msc stop and disable the Windows Update service.

freitasm
BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41040

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1940095 16-Jan-2018 19:25
Send private message

Please do not disable Windows Update. You might think "this machine doesn't hold any private information" but seriously it can be a vector to other stuff too.

 

Keep it updated.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 



JimmyH

2898 posts

Uber Geek
+1 received by user: 1554


  #1940138 16-Jan-2018 20:22
Send private message

yitz: Through services.msc stop and disable the Windows Update service.

 

Great. Thanks.

 

I will see if that does the trick. For some reason I didn't find that in any of my googling, just lots of guides using the group policy editor that requires me to have the pro version of Windows.

 

freitasm:

 

Please do not disable Windows Update. You might think "this machine doesn't hold any private information" but seriously it can be a vector to other stuff too.

 

Keep it updated.

 

 

I understand that. But I have done so anyway.

 

I might re-enable it when I have seen whether the latest patches break Windows or not.

 

Plus, I would rather update manually at a time of my choosing. The automated version is really annoying me. There is nothing worse than queuing up a 10 hour video encoding job and going to bed, then waking up in the morning to discover that the machine updated and rebooted itself in the wee small hours and the whole job failed.

 

I would be less annoyed if it behaved the same way as Windows 7 and applied the updates when I manually shut down the machine rather than automatically. And the ability to exclude certain hours from automatic restarts isn't a wide enough window for my use case.

JimmyH

2898 posts

Uber Geek
+1 received by user: 1554


  #1940142 16-Jan-2018 20:30
Send private message

Curses, I have just checked further.

 

It would appear that the method above will disable most updates, but not security updates.

 

Unless anyone knows any more tricks, it looks like I might have to shell out for the Pro version just to bring my install under control.

 

Does anyone know how to block the security updates on the home version?

Oblivian
7345 posts

Uber Geek
+1 received by user: 2117

ID Verified

  #1940143 16-Jan-2018 20:32
Send private message

Ironically the latest updates have started to allow you to stop/delay the very functional concerns you have.

you can specify out of hours operation filters.

 
 
 
 

Shop now on AliExpress (affiliate link).
yitz
2239 posts

Uber Geek
+1 received by user: 594


  #1940171 16-Jan-2018 20:36
Send private message

JimmyH:

 

It would appear that the method above will disable most updates, but not security updates.

 

 

What do you mean by security updates? I believe Windows Defender still does its definition updates, but that has never caused scheduled reboots for me. I'm not using version 1709 though and I believe there have been some changes in the security front i.e. integrating firewall, system updates etc.. all under the 'Windows Defender' brand.

mugs2000
66 posts

Master Geek
+1 received by user: 28
Inactive user


  #1940175 16-Jan-2018 20:46
Send private message

In settings, I believe there is a way of defining your network as a metered connection. This will stop upgrades. 

 

I shall refrain from the "must not do it" lecture, but perhaps isolate this machine from the rest of your network.

jnimmo
1098 posts

Uber Geek
+1 received by user: 255


  #1940176 16-Jan-2018 20:46
Send private message

What CPU are you using? If it is Haswell or newer it shouldn't suffer a performance hit is my understanding (if the chip supports PCID and INVPCID)

 

https://www.sqlskills.com/blogs/glenn/checking-your-intel-processor-features-regarding-the-meltdown-exploit/

ZollyMonsta
3009 posts

Uber Geek
+1 received by user: 379

ID Verified
Trusted

  #1940183 16-Jan-2018 20:58
Send private message

Keep it updated! However, you can change the connection to ‘metered’ which gives you a bit more control over downloads and reboots.




 

 

Check out my LPFM Radio Station at www.thecheese.co.nz - Now on iHeart Radio, TuneIn and Radio Garden

 

As per the usual std disclaimer.. "All thoughts typed here are my own."

JimmyH

2898 posts

Uber Geek
+1 received by user: 1554


  #1940216 16-Jan-2018 21:47
Send private message

yitz: What do you mean by security updates? I believe Windows Defender still does its definition updates, but that has never caused scheduled reboots for me. I'm not using version 1709 though and I believe there have been some changes in the security front i.e. integrating firewall, system updates etc.. all under the 'Windows Defender' brand.

 

I want to block specifically the Spectre and Meltdown patches, at least until questions of the performance hit they cause, and reports that they are bricking some machines are resolved to my satisfaction.

 

I also want to stop anything that will cause automatic updates and reboots. I want any updates and rebooting to occur when I want them to, and the out of hours operation filters don't let me do that sufficiently. At most I seem to be able to lock in a few hours delay, provided I remember to do so to suit whatever job I have just started running.

 

In short, I want the same control over updates that earlier versions of Windows gave me, given that it's hardware that I own.

HP

 
 
 
 

Shop now for HP laptops and other devices (affiliate link).
jnimmo
1098 posts

Uber Geek
+1 received by user: 255


  #1941213 16-Jan-2018 21:51
Send private message

Nice little tool from GRC InSpectre which lets you see the status of your machine and disable the mitigations (for performance reasons etc); so let Windows update and try it out instead

 

I just checked and found my Dell XPS already has the hardware mitigations - guess I can stop checking for BIOS updates!

 

 

 

If you want control over how often Windows updates - upgrade to Win 10 Pro. It is worth the upgrade just to be able to control when updates happen and change to a business release cycle

ANglEAUT
altered-ego
2436 posts

Uber Geek
+1 received by user: 842

Trusted
Lifetime subscriber

#1941227 17-Jan-2018 00:01
Send private message

JimmyH: ... Ideally I don't want to have to spring the extra to upgrade Windows to the Pro version so that I can disable updates using the group policy editor, ...
Group Policy Editor is the fancy GUI way of updating the Registry. While not all keys & values apply to Home vs. Pro most of them do. Search here for the GPO that you want to set and implement the manual Registry key yourself.

 

JimmyH: ... I want to be clear I'm also not looking for stern homilies about why I should leave updates enabled and why/how they protect me. ...
Oblivian: Ironically the latest updates have started to allow you to stop/delay the very functional concerns you have ...
In Win10 Build 1709, you actually have three different options. See picture below.

 

     

  1. Choose your channel

     

       

    1. Semi Annual channel (Targeted) (previously known as CB?)
    2. Semi Annual channel (previously known as CBB?)

     

  2. Defer updates up to 365 days
  3. Pause updates up to 35 days (This is the option I recommend you take)

 

Click to see full size

 

yitz: Through services.msc stop and disable the Windows Update service.
Also include the BITS service.

 

 




Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

muppet
2642 posts

Uber Geek
+1 received by user: 1660

Trusted

  #1941239 17-Jan-2018 06:29
Send private message

Follow the advise of @jnimmo.  Don't disable updates, disable the software mitigations.

1101
3141 posts

Uber Geek
+1 received by user: 1143


  #1942008 18-Jan-2018 13:43
Send private message

disabling the update service no longer works long term.
Win will actually just re-enable it .

 

try this
https://www.tenforums.com/tutorials/8013-enable-disable-windows-update-automatic-updates-windows-10-a-50.html#post1236513
Remove "SoftwareDistribution" and create a nonexistent shortcut to it, checking for updates will fail.

 

There are often very good reasons to disable winupdates . MS are actively making that harder and closing the workarounds
Some of the old methods to disable/block Win10 updates no longer work.

 

Not having the latest patches actually isnt the end of the world, and is absolutely no guarantee that you PC wont get infected hacked
Plenty of fully up to date PC's get all sorts of malware
Plenty of NOT up to date PC never get malawre,hacked etc.
Perhaps if MS would like to stop delivering unwanted CRAP via the update process smile

 

Plenty of laptops fail on major build updates, they just keep downloading GB's of that build update & fail, needing a MANUAL
build update install .

Filter this topic showing only the reply marked as answer Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright