New
#21
Doing Windows update vs. installing new Windows version ?
-
-
New #22
-
New #23
I did some looking around on my PC
Under Windows Settings > Update & Security > Windows Update
It says “* Some settings are managed by your organization”. And “You’re not up to date” and “Your device is missing important security & quality fixes”.
Below that is the box to click on “Check for updates”. Will that just check for security updates since it says I’m missing some? Or will it check for any & all updates waiting?
Under “Advanced options” all the Update options are turned off. So I presume updates will not be forced. And the “Pause updates for 7 days” is a useless option.
Under Windows Settings > Update & Security > Windows Security > Virus & threat protection, it say the last update was 7/25/2020 which is today. How did it do that if updates are supposedly turned off?
-
New #24
-
New #25
Thanks -
Why does it say “Your device is missing important security & quality fixes”? Is that referring to something else such as setting up the Ransomware protection?
Under Advanced options there is a setting under “Choose when updates are installed” for deferring the number of days for quality updates which says these include security improvements. What do quality updates usually contain?
-
New #26
It means you are behind on Security and Quality updates.
Quality updates normally include non-security bug fixes, and enhancements.
Cumulative updates (Patch Tuesday) contain both security and quality updates.
Unfortunately, you can't pick and choose what is in the Cumulative update.
Two tools I would recommend for you -
1. Belarc Advisor
Products: Belarc Advisor
2. Windows Automatic Updates Manager
WAU Manager
We use both on our systems and I think they will make it easier to manage updates.
-
New #27
So far it sounds like holding off on the 2004 Feature Update is recommended until some bugs are fixed. I've always delayed Windows 7 updates for the same reason.
If updates are not being forced because they are turned off, how would I get the Quality updates and the Cumulative (Patch Tuesday) updates?
I'm presuming that enabling automatic updates & then going into Advanced options and deferring the Feature updates but keeping the Quality updates at zero delay would do the job. Or is there a different way? Or are the Patch Tuesday updates going to be automatic like the virus definitions?
I'm familiar with Belarc and will look into WAU manager.
Thanks
-
New #28
When you click Check for updates, everything will be turned backed on, and all updates will be downloaded and installed..immediately.
Otherwise, updates have to be turned on, and deferred for up to 35 days.
If everything is turned off, no updates except virus defintions will be installed...which is the behavior you have now.
Windows Automatic Updates Manager allows you to determine what gets installed when...similar to what you could do in Windows 7.
However, it does not separate anything in Cumulative updates. You get everything in the update.
Our practice for many years is to wait at least 2 to 3 weeks after Patch Tuesday to install those updates...unless there is a zero-day security issue that is being actively exploited.
It's always prudent to do frequent disk image backups, and daily backups of volatile data, in case anything goes sideways.
-
New #29
Thought I had it all figured out.
I made a mistake when I said that under “Advanced options” all the Update options are turned off so I presumed updates will not be forced. I went over the settings to confirm things & none of the Update options actually say that Updates are turned off. There are 3 settings.
1) Receive updates for other MS products when you update Windows. It's turned off & grayed out.
2) Download updates over metered connections (extra charges may apply).
3) Restart the device as soon as possible when a restart is required......
Nothing indicates updates can be turned off. What's the function of delaying Feature Updates for up to 365 days if they're not going to be forced anyway?
As mentioned in another posting, my friend's PC is finally getting updated after about a year or so and he said he never changed any setting.
Is there someplace that indicates automatic updates are disabled by default?
-
New #30
The 35-day (total) delay is what keeps Windows Updates from running immediately.
After 35 days, your updates are downloaded and installed.
If you click Check for updates, it will download and install immediately.
You can turn off automatic updates in Group Policy.
Essentially, that is what the Windows Automatic Updates Manager does for you.
When I check View configured update policies in Windows Update, this is what I see -
Attachment 289675
As of 1903, deferring Feature updates for 365 days is no longer needed.
Feature updates are now in their own section on the Windows Update screen, and downloading and installing them is optional.
As I mentioned above regarding your friend...apparently he was close enough to the 18-month End of Service for the version he was on.
He didn't need to change anything...it's done automatically.
Quote
Related Discussions
