Announcement

Collapse
No announcement yet.

How to stop Windows from updating?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Pete
    replied
    Current HS4 box is running Ubuntu 22.04 and HS4 in Linux and a VB in running Windows Server running HS4 for Windows.

    Newest PC is a Lenova Tiny M900 which also runs Home Assistant VB and Mono CumulusMX (Davis Weather station)

    I utilize Jon00's network manager to manage my 15 Windows tabletop touchscreens. Works great here.

    I am still using HS2 for running two Way2Call boxes / HSPhone on two lines. Each of the HS2 instances run on W2003 server virtual boxes.

    Leave a comment:


  • TC1
    replied
    If you ever decide to upgrade to HS4...

    Click image for larger version

Name:	image.png
Views:	55
Size:	187.7 KB
ID:	1581428

    I have no need for the setting since I run Win7 Enterprise and have already disabled updates on my own.​

    Leave a comment:


  • ecetron
    replied
    I ran HS3 and then HS4 on Server 2012 and 2016 with excellent results until I mover to a Hometrioller Plus.. But the same principles apply to that as well... I have it set to not reboot except on manual restart and I rdp in to kick it when I need to

    Leave a comment:


  • Pete
    replied
    Here prefer to run Windows 2016 standard server. No Windows 10-11 fluff.

    I do run Windows 11 desktop on my tablets and prefer it over Android. That is me.

    I have two running today and only use them for Windows apps and via RDP today. One runs Blue Iris - don't like BI so still also run Zoneminder in Ubuntu 22.04 Linux.

    I did the same for Homeseer 2 running it on Windows server 2003 many many years ago.

    There are a few HS users here running HS3-4 on Windows 2016 server.

    Leave a comment:


  • logbuilder
    replied
    There is a small utility that is supposed to keep windows from updating beyond a certain level. It was designed to keep a win10 machine from updating to win11. I am familiar with the author (Steve Gibson from Security Now on TWIT) and am confident it is not nefarious. I have had it installed for a few months but I'm not confident it fully works. However, I think it is safe to try. Maybe it will work for you.

    The utility is called InControl. Here is a link.
    https://www.grc.com/incontrol.htm

    Here is the wiki about the author.
    https://en.wikipedia.org/wiki/Steve_...ter_programmer)

    Also, thanks to @Coz for the domains to block. I have added them into pfSense with logging so I should be able to see when it blocks them.

    Leave a comment:


  • Wade
    replied
    Originally posted by jono View Post

    Will this give advance notice of a forced Windows 10 (or 11) update?
    That's its primary function. It creates several devices for each monitored PC showing number of updates, description of each, etc. When a PC requires a reboot, the Reboot Required device is set to True so you can be notified and intervene. You can restart using the HS device control if you wish.

    ​

    You can also filter out certain types of updates. E.g., I don't have it notify on Defender Antivirus updates as they self-install without issue.

    There's an executable that runs on each monitored PC that interfaces with the plugin.

    Leave a comment:


  • jono
    replied
    Originally posted by Wade View Post
    jono you might want to take a look at jon00's Windows Update Monitor. I use it to get notification of pending updates on several PCs on my home network so I can install them on my schedule.
    thanks Wade. I love jon00's programs! Will this give advance notice of a forced Windows 10 (or 11) update? That is the problem I'm trying to solve as Microsoft is forcing updates when I'm not around.
    I do note that combining your suggestion with Coz's suggestion could be a good solution if jon00's program is not using the same ip addresses as Coz's method.

    Leave a comment:


  • Wade
    replied
    jono you might want to take a look at jon00's Windows Update Monitor. I use it to get notification of pending updates on several PCs on my home network so I can install them on my schedule.

    Leave a comment:


  • Coz
    replied
    Originally posted by jono View Post

    This is an interesting strategy, but does it prevent knowing about the updates?
    Yes. It blocks everything about updates. The device still tries to update but says it's up to date. When you disable the rule and then click to check for updates, then the updates start.

    For my HS4 device I always wait until a few weeks after patch Tuesday before updating. I figure if there are any major issues, I will see some squawking here.

    As for this recent update window, I'm glad I waited. Right now I'm seeing a lot of new errors on both my desktop and notebook logs. From searching online, looks like MS might have pushed out some dirty updates.

    ​

    Leave a comment:


  • jono
    replied
    Originally posted by Coz View Post
    I originally used the policy settings, but I found it much easier to just block the IP addresses for the updates on the router. When I want to do an update, I just disable the rule.
    This is an interesting strategy, but does it prevent knowing about the updates?

    Leave a comment:


  • Coz
    replied
    I have the following blocked:

    .download.windowsupdate.com
    .update.microsoft.com
    .windowsupdate.com
    .windowsupdate.microsoft.com
    download.microsoft.com
    download.windowsupdate.com
    ntservicepack.microsoft.com
    stats.microsoft.com
    windowsupdate.microsoft.com
    wustat.windows.com

    ​It's not the IP address like I originally said. Those keep changing.

    Leave a comment:


  • logbuilder
    replied
    Originally posted by Coz View Post
    I originally used the policy settings, but I found it much easier to just block the IP addresses for the updates on the router. When I want to do an update, I just disable the rule.
    What IPs do you block? Have you seen them change in the past?

    Leave a comment:


  • Coz
    replied
    I originally used the policy settings, but I found it much easier to just block the IP addresses for the updates on the router. When I want to do an update, I just disable the rule.

    Leave a comment:


  • kenm
    replied
    I used the "set Ethernet to metering' trick on Windows 10 Home for a long time before moving to Win10 Pro and using group policy settings. By setting the Ethernet interface used to access the internet to a metered connections, updates won't be downloaded and a reboot won't be triggered. About every two weeks or so, I'd shutdown HS, force/override the update to download any updates, reboot, and finally make sure everything came back up as expected.

    Leave a comment:


  • jono
    replied
    Thanks Mike. Googling suggested a few ways to do this so I'm interested in what this community has found useful. I'm also nervous about registry edits as well, so I'd like to piggyback off the experience of this community.

    Leave a comment:

Working...
X