Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How risky is it to disallow Windows updates?


  • Please log in to reply
28 replies to this topic

#1 Ghostbusters2

Ghostbusters2

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 06 December 2017 - 05:23 AM

A couple of years ago Microsoft started issuing really creepy updates to Windows 7. Some of them installed Windows 10 automatically!!! While others sent telemetry back home. At the same time it became apparent that Microsoft cannot be trusted because Windows 10 spies on its users (no doubt girls are the real targets).

 

Upon discovering this, I immediately found lists of all the 'telemetry' and Win 10 updates and uninstalled them. I also set my computer to "Never check for updates". (I had originally set it to "Download updates but let me choose whether to install them" but I discovered that this option can't be trusted and will still automatically install certain updates.)

 

Since then, I haven't been installing any new Windows updates, partly because I simply do not trust Microsoft at all, and partly because there doesn't seem to be any reliable source of information about which new updates can be trusted.

But I'm wondering how risky is this? I'd love to have all the latest legitimate security updates as I don't want viruses, but then again I don't want my OS sending telemetry home! It's not that I've got anything to hide - I haven't - it's just the principle of wanting privacy.


Edited by Ghostbusters2, 06 December 2017 - 05:24 AM.


BC AdBot (Login to Remove)

 


#2 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:54 PM

Posted 06 December 2017 - 10:24 AM

It is risky, and foolish, to block Windows Updates on any version of Windows.   No one has said it better than one of our very own BSOD experts:

 

There really isn't a point to checking for updates and not installing them. . .  It's important to install all available updates. I've been doing this since the days of DOS, and I still don't have the confidence to pick and choose among updates.  There are just too many variables involved - and most people can't evaluate the full consequences of installing/not installing updates.

        ~ John Carrona, AKA usasma on BleepingComputer.com, http://www.carrona.org/

 

If you distrust Microsoft that much then you need to find an alternative OS, plain and simple, that you are willing to allow updates to be applied to.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


#3 Ghostbusters2

Ghostbusters2
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 06 December 2017 - 10:51 AM

Thanks Britechguy, that's a really helpful answer.



#4 brettjohnson

brettjohnson

  • Banned Spammer
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:54 AM

Posted 06 December 2017 - 11:18 AM

I always use to block/delay windows update but the way you described I should update it. :D Thanks, dude. (Y)



#5 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:54 PM

Posted 06 December 2017 - 12:54 PM

Thanks Britechguy, that's a really helpful answer.

 

You're quite welcome.

 

Given the amount of cyber-criminality out and about on the 'net these days, no one really knows (and very often the OS makers and maintainers want to keep it that way) why a given update may be being made to the OS.  Some, of course, are given obvious descriptions but security updates are often just "security update" or "security update to address vulnerability in . . ."

 

It is really not to any company's advantage to spy, in the conventional sense of that word, on their customers.   Now, one can legitimately argue that the kinds of data collection and data mining that go on by multiple entities, including Microsoft, are far too intrusive and should be stopped.  Since spying involves secretive collection of sensitive information, what's happening is not spying since data collection practices are generally documented as part of the EULA for various software and what is collected, while personal, is not likely to be sensitive (e.g., SSN, passwords, bank account numbers, etc.); at least not if you're dealing with legitimate companies.  None of them want the legal exposure (nor the PR nightmare) that would come were it shown that sensitive data were being collected.   Now, I find the whole practice of tracking and creating profiles of an individual based on their browsing and search habits loathsome and intrusive, but everybody does it and until or unless we can get our government to enact legislation making this illegal or requiring opt-in or opt-out with very clear instructions regarding either this practice isn't going away.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,284 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:54 PM

Posted 09 December 2017 - 08:46 AM

I usually delay the installation of Windows monthly updates for a couple of days so I have time to see if any issues have been reported. Some patches have caused enough problems necessitating Microsoft to pull and re-release them.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:54 PM

Posted 09 December 2017 - 11:34 AM

I usually delay the installation of Windows monthly updates for a couple of days so I have time to see if any issues have been reported. Some patches have caused enough problems necessitating Microsoft to pull and re-release them.

 

And for those who are diligent enough, this is a great idea.  The nice thing with the advent of Windows as a service is even the monthly updates don't go out to the entire world in one fell swoop.  When there are unanticipated problems out "in the wild" with patches they tend to get stopped in their tracks, the fixes applied based on what was learned through telemetry, and then re-released before most have ever seen them for the first time.  With the introduction of system health telemetry all the way back to Windows 7 (unless blocked) the patch system is more robust than it's ever been.

 

For "the great unwashed" who are either "all or nothing" I'm sticking with, "you need to let 'em all install, when Microsoft sends 'em to ya."


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


#8 rp88

rp88

  • Members
  • 2,983 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:54 AM

Posted 11 December 2017 - 06:22 PM

My personal take is to always install security updates within a few days of release, just enough time for any big bugs (which don't often come in the SECURITY updates, most buggy updates I've seen have been buggy feature updates) to be detected and discussed online. I never do any non-security updates for windows, sometimes there are some which may fix certain bugs, but I've never experienced any of those bugs so have no need to fix them. I avoid feature updates too. What this means in practice thesedays is that I make an approximately monthyl visit to microsoft's update catalog website and download the .msu file for the "security only" update, which I then install. I hide the roll-up updates (which have security plus huge amounts of new feature components and some non-security bug fixes) when they appear in windows update, which I keep set to "check for updates automatically but ask me whether I want to download them", this way I don't fail to know when updates are available but I can veto the ones which I don't want.

Ghostbusters2, you did what was right for you in terms of removing and not installing the telemtry, GWx and feature updates, but you really need to be installing the security ones. (Assuming you are on windows 7/8/8.1) Thesedays you can't get the security only ones via windows update, you must let windows update check for updates, then when it alerts you that there are some follow the "more information" link which will open up a page with infromation about the update in your default web browser. On that page look for the security only update with the same date as the monthyl rollup, then go to it's page and follow the link from there to the microsoft update catalog website from which you can download a .msu file which when you open it will install the security only update for you.

P.S. Regarding "I had originally set it to "Download updates but let me choose whether to install them" but I discovered that this option can't be trusted and will still automatically install certain updates.". I've heard people talk of this but never actually seen it for real, it's always sounded a nasty possibility but I've generally thought that it cannot happen band rather that the people saying this have made a mistake somewhere or that updates had already been downloaded before they switched to "check automatically but...". I would like to know more about what happened with your system when this occured, so I can work out which is the case.

Edited by rp88, 11 December 2017 - 06:25 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:54 AM

Posted 11 December 2017 - 08:13 PM

There is a soft i can't live with it : Rollback RX

 

the most useful tool concerning Windows Updates and other program installation; so with it, i update Windows, if something goes wrong, i rollback in a minute to the previous working snapshot and try again until the update is successful.

 

It saved me lot lot lot of time.



Emsisoft Community Manager


#10 Ghostbusters2

Ghostbusters2
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 12 December 2017 - 08:18 AM

Thanks to every single reply, they're all greatly appreciated! :) I really like this site and have a lot of respect for the folks here.

 

Just for the record, I really like Windows 7 and have no desire to change it. I wouldn't want to touch newer versions of Windows, especially Windows 10 (which I loathe for a very long list of reasons). When Windows 7 support is discontinued in 2020, my plan is simply to disconnect my computer from the internet and use a second cheap computer for online stuff, that way no malware can ever get onto my main computer as it won't even be plugged into the internet and no new software will go near it unless it's been thoroughly scanned.

 

pr88, Your reply was extremely helpful, thanks so much! :) You asked about "Let me choose" installing stuff without being asked. Sorry, I honestly can't remember whether this happened to me, or I just read about it online. I think it's probably more likely that I just read about it.



#11 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:54 PM

Posted 12 December 2017 - 10:49 AM

I wouldn't want to touch newer versions of Windows, especially Windows 10 (which I loathe for a very long list of reasons). When Windows 7 support is discontinued in 2020, my plan is simply to disconnect my computer from the internet and use a second cheap computer for online stuff, that way no malware can ever get onto my main computer as it won't even be plugged into the internet and no new software will go near it unless it's been thoroughly scanned.


Then it would be very much worth your while to start exploring the Linux or Mac ecosystems.

What follows is not a personal criticism, but a general criticism of the idea of having a computer not connected to the internet. You have to ask yourself, realistically, how much you do on your computer that does not involve a connection to cyberspace? I get updates still for MS Office 2010, many security related, that require being online and the vast majority of my computer use involves either e-mail or web surfing. I know of very, very few people to whom that "vast majority" does not apply.

When forced to think about it, most folks I know who've thought of doing what you propose to do come to the conclusion that a computer not connected to cyberspace is like a landline phone not connected to a phone jack: unusable for all practical intents and purposes in daily life.

Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 


#12 RolandJS

RolandJS

  • Members
  • 4,517 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:09:54 PM

Posted 12 December 2017 - 01:01 PM

The only WUs I have not accepted over the years:  those wanting to update hardware drivers.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,284 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:54 PM

Posted 12 December 2017 - 01:51 PM

Or updates to get folks to upgrade to Windows 10 when they are content with the OS they have.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Ghostbusters2

Ghostbusters2
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 12 December 2017 - 05:51 PM

realistically, how much you do on your computer that does not involve a connection to cyberspace?

Well as a matter of fact I've just spent the last 6 months without internet and I barely missed it. (I'm back online again now, which is why I'm thinking about security.)

 

When forced to think about it, most folks I know who've thought of doing what you propose to do come to the conclusion that a computer not connected to cyberspace is like a landline phone not connected to a phone jack: unusable for all practical intents and purposes in daily life.

 

I guess we're all different. To me, the web is useful, but it's only one small part of my life.

None of the programs I use require security updates, since they don't run files that could contain viruses. Almost all the files I open are ones I made myself (I use my computer as a creative tool). The only files I download are a simple files like JPEGs, MP4s, audio files and fonts. I would never touch MS Office. So I think I could just unplug the internet and carry on with Win7 the rest of my life. Plus I also keep backups in a separate location. So I think I'm covered :)



#15 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 7,534 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:10:54 PM

Posted 12 December 2017 - 10:40 PM

Ghostbusters2,

 

         I have no doubt you know your needs better than I do, that's for sure.

 

         That being said, you are an outlier on the bell curve.  When I give advice or opinions with limited information available I use what my own professional and personal experience both suggest are "the typical user situation" as the basis for same.


Brian AKA Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

 

     In a modern society where everyone thinks their opinion deserves to be heard nothing annoys me more than individuals who mistake their personal preferences for fact.

         ~ Commenter TheCruyffGurn on the The Guardian website, 8/13/2014

 

              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users