Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Disable Windows Update before SP2 comes out.

Status
Not open for further replies.
mufka

mufka

ISP
Dec 18, 2000
587
US
In preparation for the release of SP2 for Windows XP, I want to find a way to disable Automatic Update on XP pcs via group policy. SP2 will be released as a Critical Update therefore, it will be installed automatically on any PC that has automatic update set to automatically install the critical updates. Many problems are expected with the installation of the SP.

I know that I can remove the links to Windows Update on the Start Menu via group policy, but I need to disable it all together.
 
Sort by date Sort by votes
Why don't you just turn off Automatic Updates in System Properties? (Right-Click My Computer -> Properties -> Automatic Updates Tab)
 
Upvote 0 Downvote
Our company has also talked about blocking the windows update website at the firewall temorarily until we can hammer out all of the complications of XPSP2
 
Upvote 0 Downvote
Any of these help?

Location: Computer Configuration\Administrative Templates\Windows Components\Windows Update

Description:
Specifies whether this computer will receive security updates and other important downloads through the Windows automatic updating service.

This setting lets you specify if automatic updates are enabled on this computer. If the service is enabled, you must select one of the four options in the Group Policy Setting:

If the status is set to Disabled, any updates that are available on the Windows Update Web site must be downloaded and installed manually by going to
If the status is set to Not Configured, use of Automatic Updates is not specified at the Group Policy level. However, an administrator can still configure Automatic Updates through Control Panel.





Location: User Configuration\Administrative Templates\Windows Components\Windows Update
Description:
This setting allows you to remove access to Windows Update.

If you enable this setting, all Windows Update features are removed. This includes blocking access to the Windows Update Web site at from the Windows Update hyperlink on the Start menu, and also on the Tools menu in Internet Explorer. Windows automatic updating is also disabled; you will neither be notified about nor will you receive critical updates from Windows Update. This setting also prevents Device Manager from automatically installing driver updates from the Windows Update Web site.



326686 - You Cannot Use Any Windows Update Features

316524 - "Administrators Only" Error Message When You Attempt to Use the Windows Update Site
 
Upvote 0 Downvote
If your company is big enough you might want to consider SUS as an option.
 
Upvote 0 Downvote
Yes SUS is pretty cool. My company's a little frugle so we're not exercising that option. It's a great way to help control windows update without having to physically disable and enable windows update.

If you disable each computer there's a slight possibility that you may miss one or two when you go to reenable and then look at the consequences!![sadeyes]
 
Upvote 0 Downvote
From what I understand, although they are listed as Critical Updates, Windows SP's do not get included in the automatic updates.

There are various discussion groups on the Microsoft site that have been addressing this issue
 
Upvote 0 Downvote
leedscb,

That was my understanding of Service Packs as well.
 
Upvote 0 Downvote
Why will there be complications for Windows XP SP2? Is it just because the servers won't be compatable or be able to recognise SP2 Comptuers until the servers have been updated?
 
Upvote 0 Downvote
Complications? Well up to now Microsoft has released its Service Packs as mostly a rollup of previously relased fixes in a convenient one-pack.
Service Pack Two takes things a step further it contains released fixes but it also makes changes to a lot of default settings attempting to make the machine 'highly secure-less functional' instead of the defaults being 'highly functional-less secure'. Apparently a lot of ills that hit their Windows boxes could be minimized by a little customization of the default settings. The assumption is that Joe User doesn't know what to change and after being told he still can't figure it out. This may be true for the most part but the one place it may not be is in a large organization. In such a place the IT staff may be well aware of issues and have handled them. Now introduce SP2 on lets say a Sunday and watch the fun on Monday as a thousand PC's all become very secure and protective of their users but no one can do anything. Imagine the IT staff dealing with that 'Complication'. The same thing applys if you ARE a tweaker and suddenly your PC starts behaving in a manner you don't want (like maybe I don't want cookies blocked or I have a reason not to use the Builtin Firewall). Its not that SP2 is bad, its just different and warrants a very thorough plan instead of just going in automagically.
 
Upvote 0 Downvote
I am also concerned about users downloading SP2 or it being download to user workstations using Automatic Update. Today I checked the windows updates page on xp and found this notice: "What can you do now to ensure that you get Windows XP service Pack 2?" with the first sentence below reading "The best way to get Windows XP service Pack 2 is by using the Automatic Updates feature in Windows XP". It seems pretty clear that with Automatic Updates on, SP2 will get downloaded and installed along with all the Firewall and security enhancements which could affect various applications.

But like everyone here, I want to test this before deploying it. And we can't test with RC2 since we do not know all the differences between RC2 and the live SP2, and now RC2 is no longer available for download.

Do we really have to turn off Automatic Updates to avoid the calamity of users suddenly finding themselves with all sorts of problems arising out of automatic downloading SP2?

What does Micro$oft have to say about this?

Has any network admin already turned off Automatic Updates on all their XP workstations?
Has anyone found a better solution? We are not using SUS.
 
Upvote 0 Downvote
In our network environment we have two layer, internal/home office and the field.

First line of defense is that windows update has been blocked at the firewall.

In the internal/home office, all PCs have had Automatic Updates turned off.

In the field, we are advising all those with laptops and computers outside or our protected frame relay networks to change their Automatic Updates to Notify me before downloading any updates and notify me again before installing any updates. That way they can pick and choose their critical updates and avoid SP2 until we can fix what it's breaking.

I have the beta release of XPSP2. It definitely has some issue, but I haven't been completely flustered with it. Yes the popup blocker is picky, but you just have to train it or turn it off. The firewall has to be configured but that's really no big deal from a tech perspective. It's a little more involved for non-techies. The only true bugger that we're dealing with is the script blocking. That needs some fine tuning and some of our apps need to have little things here and their adjusted, but I was able to network my XPSP1 with my XPSP2 with no problems so far.

If you're not using SUS, this is an excellent way to keep Automatic Updates the same and yet control what your users download from Microsoft. With SUS you choose what they download and they only download from your SUS server. Their windows update page is redirected to your SUS server by a few registry changes.

 
Upvote 0 Downvote
The Microsoft site has several deployment whitepapers for Service Pack 2. Please take the time to read them, as I suspect some of the guesses in thread above will prove embarassingly incorrect:
In the main, Windows Update will notify the user that the Update is available, but not automaticly download or install it. This is by design.

The bcastner recommendation:

. Even for a single workstation use of Service Pack 2, download the "Network" or complete install and use that.

. When final, consider making a slipstream.

. For RIS and unattended installations, slipstream and redo the images.

. For Release Candidates 2149 or later, you will not have to reinstall. You can do the SP2 final over the top.
 
Upvote 0 Downvote
I want to hold off installing this until we have had time to test its implications across all of our apps. Most of our users get updates from SUS servers, so no problems, I wont approve it until I have tested. Some of our users are mobile, and so get their updates directly from the MS site.

I read that Microsoft will give a registry edit that will stop download of SP2 but allow all other update downloads via automatic updates (SUS or otherwise)

Has anyone come across the details yet?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pjw001
  • Locked
  • Question
Latest Windows Update - End of Service
Replies
2
Views
2K
pjw001
pjw001
K
  • Locked
  • Question
Recover Data Windows 10 1
Replies
2
Views
3K
Rick998
Rick998
Andrzejek
  • Locked
  • Question
How to Disable Google Chrome Password Manager 2
Replies
3
Views
620
combo
combo
VicM
  • Locked
  • Question
Problem updating Windows Explorer
Replies
1
Views
676
Nancycaf
Nancycaf
pjw001
  • Locked
  • Question
Windows 11 Screen Colours have changed (slightly) 3
Replies
14
Views
4K
pjw001
pjw001

Part and Inventory Search

Sponsor

Back
Top