How to find out more about Windows updates before you install them
While there are certain categories of Windows Updates that I would call mandatory to install, security patches come to mind first and foremost, there are other updates that are not required to operate the system or beneficial to it.
A prime example of this is the "get Windows 10" update that pushes the notification to machines running previous versions of the Windows operating system. Others include new telemetry updates for Windows 7 and 8, but also updates that may cause issues on some systems.
Windows users and administrators who want to upgrade the system to Windows 10 may find them useful but users who don't, certainly won't.
It is often better not to blindly trust companies, and it does not really matter if it is Microsoft, Google, Apple or any other big player in tech; if you want to be on the safe side of things, you better make sure that what you install on your devices is not taking advantage of you or installing functionality that you don't require.
So how can you be sure that the updates that Windows Update finds for your PC and operating system are needed or beneficial?
There is unfortunately no quick option to list all updates and their purpose. One of the first things you may want to do is block the automatic installation of updates on the system. If you don't, updates will get installed automatically which in turn means that you don't have time to research them prior to that.
Configure Windows' update behavior
One of the better ways to define how Windows handles system updates is through the Group Policy Editor. While you find options in the Registry and the Windows Update tool as well, it makes things a lot easier and gives you better control over the process.
Note though that the Group Policy Editor is only available in Professional, Business, Ultimate and Enterprise editions of Windows.
- Tap on the Windows-key, type gpedit.msc and hit enter. You may get an UAC prompt which you need to accept.
- Navigate to Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Windows Update.
- Locate "Configure Automatic Updates" and double-click on the entry.
- Switch its state to enabled, and set it to "notify for download and notify for install" under "configure automatic updating".
- Click on the ok button to save the change.
Research updates available for your Windows PC
Now that you have configured the PC to only inform you about updates but not to download and install them automatically, you have enough time to research them before you make decisions.
Since there is no quick option to find out about an update in the Windows Update client, you need to do it all manually.
Updates are listed with a KB ID usually in Windows Update which we will use to find out more about them.
Instead of using search to find out more about it, you may want to start doing the following:
- Paste https://support.microsoft.com/en-us/kb/ into your web browser of choice and add the KB ID of the update afterwards, e.g. https://support.microsoft.com/en-us/kb/3088195 for KB3088195.
- This opens the Microsoft Support site revealing information about the update.
While that is helpful most of the time, it sometimes falls short. Updates may get released before the Support page is published which means that you will get an error when you try to open the page. In addition to that, you may get zero information about the update or what it does on the page.
If that is the case, you may want to run a search for the KB ID on the Internet to find out more about the update. The best way in my opinion is to search for KB3088195 but you may want to try KB 3088195 as well (replace the ID with the actual update ID).
Tip: We try our best to list all updates on Microsoft's Patch Day. These link to support articles directly so that you may want to use those first as it may be more convenient.
Now You: Do you research Windows Updates before you install them on your system?
Yeah, I’ve gone from, 15 years ago installing everything; to reading the KB article of every update, then saving the installer to disk – initially because of the low speed and high cost of dial-up as much as anything else – not installing driver updates, and only rarely ‘Optional’s, while trusting the ‘Important’ updates more and more. Became a habit, I guess, and I’d never stopped doing it until these last few months. But I never had to read between the lines; try to spot the intentionally-misleading ones; search the net to find out what an ‘Important’ update probably or actually is, though there is a KB article for it. I mean, as I recall, in the slow ol’ good ol’ days, if the KB article was less clear than you’d hope, you could always find the real information at Technet. Now it’s more work and it’s more stressful on account of the anger, watching them so openly trying to screw us. But, hey, it’s just business! And you can say that in the voice of Don Corleone, or Tony Soprano, and you can laugh at the naivety of long-term customers who thought there was a degree of mutual respect involved, an appreciation by Microsoft for the loyalty of the die-hard Windows users; for the people who gave their support, for free.
They say there’s no honour amongst thieves. It’s true. A thief will treat you like a confederate – until the most money now to be made is by selling you down the river. Now Microsoft are selling _us_ down the Swanee, with a big ‘FU’, sneering all the way to the bank. The bunch of.
No. That was iirc the first bricking by Windows 10 RTM, with an Nvidia driver. I don’t believe there is such a thing as an ‘Optional’ update in Win 10.
Can optional updates like those for (hardware) video cards be disabled? If they cannot then that is a deal breaker for me.
Yes, you can block generic drivers Microsoft presents from installing under Windows 10 Home. I did so for all except for my brand laptop, which was an error on my part. I want to block ALL generic drivers, and when I figure out how I did it, I’ll reply here.
http://www.howtogeek.com/223864/how-to-uninstall-and-block-updates-and-drivers-on-windows-10/ and
http://www.theinquirer.net/inquirer/news/2419404/microsoft-releases-patch-to-stop-windows-10-installing-all-drivers-unilaterally
are close to what I did, but not exactly.
On my Win 8.1 system, there is a “More info” link on each and every update that appears in Windows update. Click that link and it will open up an MS page describing in sordid detail everything about the fix/patch.
However, IMO, we should not have to go to a webpage for each and every update to see what it does from a high-level view.
Every update should say what it does in a sentence below the update. Wasn’t this the way things worked in Win/XP?
No, Windows Update as a Windows app has pretty much always listed “A security issue has been identified…” or “Install this update to resolve issues in Windows…” next to each update.
You have to go back to the Windows 2000/98 days to get the Windows Update Internet Explorer page, with detailed descriptions of what each update does.
“Note though that the Group Policy Editor is only available in Professional, Business, Ultimate and Enterprise editions of Windows.”
GPE can be enabled in Win 7 Home versions (and I assume Win 8.1 non-pro too). Search google for enable group policy editor windows 7, and you’ll get plenty of results.
When I did the Group Policy hack on Win 7 Home, it didn’t actually do anything. Like Norton Antivirus 2000 oem – looked like it worked because it gave no error messages (I used the files from my Win 7 Pro). You’ve proven that it works?
It’s not very polished and there are security issues related to the old tech it relies on, but there is a project to automate the flagging and removal of windows telemetry/nagware updates using the Windows Script Host here https://github.com/KOLANICH/CleanUnwantedUpdates. I don’t personally recommend it in its current state, however I do like the idea behind it.
As for removing telemetry and nagware updates, I suggest using the BlockWindows script https://github.com/WindowsLies/BlockWindows , however it has been lax in updates and will only really remove them up until a month ago as of the time of this posting. The latest nagware pushed by windows is in the following updates:
https://support.microsoft.com/en-us/kb/2952664 (Compatibility update for upgrading Windows 7)
https://support.microsoft.com/en-us/kb/3035583 (Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1)
and possibly linked
https://support.microsoft.com/en-us/kb/3083710 (Windows Update Client for Windows 7 and Windows Server 2008 R2: October 2015)
You can remove them by running “wusa /uninstall /kb:[UPDATE NUMBER]” in the command prompt.
Typing a KB number into search engines allows the “wisdom of the crowd” to operate in my favor, but first I let the fixes age a week or three so that unintended consequences have time to show up.
Besides Ghacks, the two links I find most useful are:
http://www.sevenforums.com/
http://www.infoworld.com/author/Woody-Leonhard/
I never checked updates before MS started pushing Windows 10. Now I do because I don’t want the nagware nor the telemetry updates.
GPC isn’t available in Pro.
Doesn’t sound like too many people deal with LInux updates. Microsoft delivers a KB that “breaks” a few systems–mind you, not all systems, just some with outdated hardware or a poor user configuration–and the tech community goes nuts. Linux distros such as Ubuntu, Mint, Pinguy, Debian, SLAX, Fedora, etc. deliver an upgrade that renders a computer completely, utterly useless along with completely and utterly destroying all of the personal data on the computer and no one says a word.
Maybe more LInux updates, upgrades, patch day information would help the users of Windows understand that “updates” from both Microsoft and the Linux community can really “fuck up” a machine.
Difference is with Windows 10 updates are mandatory, afaik Linux updates aren’t
Also it would be nice to know where you came up with the claim that Microsoft updates only breaks a few systems, and that the systems that it does break are using outdated hardware or a poor user configuration.
Add to that where you got the claim that a Linux upgrade rendered a computer completely and utterly useless, destroying all personal data on the computer.
Yesterday when I was running Windows Update manually on my extra laptop, there was no longer a list of updates, just a box where the list usually appears saying that I had to upgrade to Win-10 before I could install updates. No matter how I tried to sidestep that box, it always popped back up. I don’t even know if this is legal, but certainly not ethical. If anyone knows how I can resolve it please let me know.
In the meantime, I started some research and found how you can ‘turn off’ telemetry altogether through the Administrative Services without having to fuss with uninstalling the ‘bad’ updates and then hiding them. Here are the two websites I found that are useful. If someone can comment on these I think it could be a great relief to those of us who are totally fed up.
http://windowsitpro.com/windows-10/how-turn-telemetry-windows-7-8-and-windows-10
http://superuser.com/questions/972501/how-to-stop-microsoft-from-gathering-telemetry-data-from-windows-7-8-and-8-1
Thanks for info but hassle such that I’ll let Big Bro Bill mess with my PC for now. Will check this link to Patch Day. Also dslreports.com usually has a Forum user or two post info about Patch Day meanings. A headline will link to topic shown on right hand Topics list. They do a good job breaking down meanings & especially a warning if a KB is faulty or ‘dangerous’.
yes the Wait & See approach to Windows Updates seems most practical — initially treat them as Beta versions released publicly. Only after use/testing by millions of end users can you find valid feedback.
One-week is absolute minimum to even consider installing new Windows updates on typical consumer machines. I’ve never encountered any problem by delaying or ignoring Windows Updates and I personally never encountered anybody who did. I usually install updates each 3-6 months on several PC’s in daily use. Software security updates generally are important, but the risks are widely overstated to First-World users IMO.
We now know why Microsoft is so vague in describing their updates, but it is surprising that there are no internet sources that clearly & fully describe such updates in plain language… even months after the updates are released.
Nice job creating an atmosphere of mistrust and suspicion regarding your products Microsoft. If your goal was to shoot yourself in the foot, might i say you have impeccable aim.
I find support.microsoft.com useless most of the time, especially regarding Windows Updates.
I check the KBs, like most of us I guess, with search engines. Sometimes there is a consensus sometimes not; when not, I don’t install and wait until available information appears free of doubt to install a “healthy” update.
We do all realize — I’m insisting on this because with time we get used to so many things — we do realize what is happening since Microsoft decided to turbo promote and push its Win10 half-caked OS : a user committed to his privacy, to his liberty of choice, is no longer able to trust Microsoft : is no longer able to trust Microsoft. October 2015 and we are not able to trust Microsoft.
I wonder what Bill Gates thinks of what has become of his creation.
Bill Gates would think nothing of it. This is a different “Microsoft” than the one when Bill was in charge. They only share a similar name.
oh come on. even in the “good old days” we were talking about “microsoft phoning home” and were using things like xp antispy to curb some of those tendencies. of course privacy is getting more relevant the more connected our devices are, the more mobile and social and personal they are. of course microsoft changed, it had to, but saying that they only share a similar name is an exaggeration par exellance.