New
#31
Yeah but Edge updates are already stopped by Sledgehammer, that was not point! Point was how to update Edge manually, when you deny all its permissions in properties/security tab and auto updates don't work.
Yeah but Edge updates are already stopped by Sledgehammer, that was not point! Point was how to update Edge manually, when you deny all its permissions in properties/security tab and auto updates don't work.
The thing is that Sledgehammer does not stop Edge Chromium updates in 20H2. At least not for me. Those Edge Chromium updates don't seem to be delivered by Windows Update. I guesss that maybe legacy edge updates are delivered that way but I don't have legacy edge.
What am I missing?
How to update Edge manually? (with blocked Windows update)
I seem to be able to manually update Edge with Sledghammer blocking windows updates.
Which is exactly what you asked isn't it?
Did you start scheduled task manually to start update? (after handicapping and imposing your restrictions on edge so that it's not allowed to do anything)
Using built in tools only you would use event management console.I didn't find yet how to log startup of all processes in Windows. Using Windows tools only!
To do so you need to enable auditing of processes.
To enable process auditing press windows key and type gpedit.msc and run as Administrator
Expand: Computer config / Windows settings / security settings / local policies / audit policy
Here enable audit process tracking
You can find process tracking events in event viewer.
When you update Edge manually via "about Edge" it just checks for and downloads the latest version without needing to use windows updates therefore Sledgehammer has no effect on blocking that.
If you want to update manually via Windows Update then you'd need to visit the ms update catalog and download the latest version of Edge.
https://www.catalog.update.microsoft...ch.aspx?q=edge
Then temporarily enable windows update service in Sledgehammer (Option E) and install the downloaded update from command line which is pretty pointless because the manual update method does the same thing without needing to enable windows updates.
If you want to kill Edge for some reason then add whatever entries you need (your choice) from an elevated powershell prompt:
Then disable Edge update services and scheduled tasks.Code:reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdge.exe" /v Debugger /t REG_SZ /d "%windir%\System32\taskkill.exe" /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msedge.exe" /v Debugger /t REG_SZ /d "%windir%\System32\taskkill.exe" /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe" /v Debugger /t REG_SZ /d "%windir%\System32\taskkill.exe" /f reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdateBroker.exe" /v Debugger /t REG_SZ /d "%windir%\System32\taskkill.exe" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
With that I am done with this thread unless someone else can step in and make sense of what is required.
I did exactly this and it did not work! I filtered 4688, 4689 (could be wrong) don't remember exact numbers from head! And it showed only 12 process per day...
OK thanks, this would work I guess. Now I have latest version - so I can't try it. Maybe uninstall and try to update it later. Don't feel like doing this right now...
EDIT: I found procmon can do that! Will check if something from edge is running EVER...
Last edited by empleat; 29 Mar 2021 at 08:38.