Microsoft Security Essentials / Windows Updates Question

[Joe Morris]

I alway set automatic updates to "Never check for
updates." However, something keeps turning it
back on and I suspect it is MSSE. Anyone else
seen automatic updates revert back to "Install
Updates Automatticaly" for any reason and or
know of a fix for this?

I've seen reports of this happening from time to time with no reliable
indication of what triggers them.

You can lock down the no-auto-update setting by simulating a GPO. (I've not
tried this except on business-class systems so it might or might not work on
consumer versions of Win7. YMMV.)

Open REGEDIT and navigate to the key:

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

(You may need to create the last two nodes)

Under the AU node create a REG_DWORD data item named NoAutoUpdate and set
its value to 1.

For (optional) housekeeping, delete the following data items if they exist:

AUOptions
ScheduledInstallDay
ScheduledInstallTime

This change will cause the AU feature to be set to "no automatic update" and
grayed out. It will *NOT* affect your ability to manually invoke Windows
Update from the desktop.

If your system is in an AD environment, a GPO that explicitly enables or
disables automatic update will override the above change. To undo the
change, alter the value of NoAutoUpdate to zero or just delete it.

The usual Dire Warnings About Editing The Registry apply.

I block AU for my users (both domain and workgroup) because I want them to
use the patch update package my department builds, which usually doesn't go
out until it's been given at least a short eat-your-own-dog-food test by
everyone in the department. That's saved us a few times when we find an
update that misbehaves, and gives the Help Desk some confidence that a user
doesn't have some odd update that Microsoft snuck into the WU distribution.

As another poster in this thread noted, if you do block autoupdate you
really, truly, positively MUST have in place some other mechanism to quickly
get the updates into your system unless you have other controls to mitigate
the vulnerabilities addressed by the patches. The bad guys grab the patches
as soon as they're released to figure out what was fixed, and quickly build
malware to exploit those vulnerabilities since they know that many, many
people don't bother to install updates on a timely basis.

Joe

 

[ray]

Swapping one problem for a complete new set of problems is never a
solution.

Exactly. Been using Linux for over seven years - zero problems.

 

[BillW50]

Exactly. Been using Linux for over seven years - zero problems.

What do you call zero problems? I have been using Windows since '93 and
Linux that has always been problems. For one, most developers knows
nothing about Linux. And Linux has nothing that I am interested in as
far as applications. So what good is it?

Linux even to this very day has nothing but lack of drivers. I see this
as a problem. Maybe you don't. Almost nobody supports it. Maybe this
doesn't bother you. Heck I have a webcam on my Linux machine and almost
nobody supports it. Maybe not a problem for you.

The best I ever got Linux to do in decades is as a glorified PDA OS. And
frankly, dumbing down a great computer down to just a dumb PDA status
isn't what I call no problems. As I see tons!

 

[ray]

What do you call zero problems? I have been using Windows since '93 and
Linux that has always been problems. For one, most developers knows
nothing about Linux. And Linux has nothing that I am interested in as
far as applications. So what good is it?

There are Linux equivalents for most applications. There are indeed a few
specialized apps which exist only for MS.

Linux even to this very day has nothing but lack of drivers. I see this
as a problem. Maybe you don't. Almost nobody supports it. Maybe this
doesn't bother you. Heck I have a webcam on my Linux machine and almost
nobody supports it. Maybe not a problem for you.

That simply is not true. I've seen new equipment that was supported on
Linux before MS.

The best I ever got Linux to do in decades is as a glorified PDA OS. And
frankly, dumbing down a great computer down to just a dumb PDA status
isn't what I call no problems. As I see tons!

Some folks can screw up a wet dream - you seem to be one.

 

[Tester]

Judging by the reactions I got, I must have hit a raw nerve!
-- choro --

Judging by the attitudes of people here, It's pretty clear to me that
dossers here all have raw nerves wide open to be inflamed.

 

[GreyCloud]

What do you call zero problems? I have been using Windows since '93 and
Linux that has always been problems. For one, most developers knows
nothing about Linux. And Linux has nothing that I am interested in as
far as applications. So what good is it?

Linux even to this very day has nothing but lack of drivers. I see this
as a problem. Maybe you don't. Almost nobody supports it. Maybe this
doesn't bother you. Heck I have a webcam on my Linux machine and almost
nobody supports it. Maybe not a problem for you.

The best I ever got Linux to do in decades is as a glorified PDA OS. And
frankly, dumbing down a great computer down to just a dumb PDA status
isn't what I call no problems. As I see tons!

It will depend on what you need to do. For the casual user, Linux won't
be of much use for them. For me, I used to do a lot of fortran
programming. I can get Intels latest Fortran compiler for free for
linux, but it would cost me a bundle on Win7 or OS X. The VAXfortran
that I still have on a vax4000 is still considered the best that ever
was, but Intel now has almost equaled it. The only part that Intel
can't support is the indexed file access, which is what is native on VMS
file system where I can just create a file and then access in an indexed
file way.

Other than that, there is only one linux distro (Suse Linux) where you
can go to the VLC media website and just click their download and
install button to get a decent DVD player without having to hunt all
over the internet for library modules. Can't tell you how many distros
I've tried that just really didn't cut the mustard. Other than the
fortran compiler, I really don't have a need for Linux.

 

[Paul]

Exactly. Been using Linux for over seven years - zero problems.

Here's a simple test for you Ray. (This happened to me...)

Download Ubuntu 10.10 and burn a boot CD.

Boot the OS on a 1280x1024 resolution LCD.

When the OS starts, the screen resolution is set to 1024x768 and the
GUI tool provided for resolution settings (the "Monitor" program or
XrandR or whatever), offers no more than 1024x768.

Within 30 seconds of usage, I'm already faced with my first "problem".

I bet, with lots of xorg.conf fiddling, control-alt-backspace and the like,
I can fix it. I've been fixing this particular issue as well, while
using various distros in a virtual environment.

Then, let's offer this software product to naive computer users.
The ones who don't know what a shell is, how to edit a configuration
file, how to search the Internet effectively for "recipes" to
fix deficiencies.

Linux is not an OS for everyone. It's an OS for developers.
Thank God I have plenty of shell experiences. I can muddle
through.

Lets try another one. Naive Linux user - "My sound doesn't work".
I get to enjoy fixing that one as well. Loads of fun.
And so easy too. The Linux sound architecture is so
transparent and easy to understand. Pulse, Alsa, Jack, ESS ...
What part of the plumbing is busted ? We're not really sure.
Program X works, and no sound comes from Program Y.
What setting do I change ? Is there a fix ?

Some users have proposed solutions to the sound mess,
but nobody was listening. Pulse isn't the answer,
especially not on older (gutless) systems.

Linux would be fine for someone who was complacent enough
to accept whatever crap you fed them. "My sound doesn't work ?
Oh, well. No tunes for me I guess...". Maybe that's the
market for Linux ?

Paul

 

[ray]

Here's a simple test for you Ray. (This happened to me...)

Download Ubuntu 10.10 and burn a boot CD.

Boot the OS on a 1280x1024 resolution LCD.

When the OS starts, the screen resolution is set to 1024x768 and the GUI
tool provided for resolution settings (the "Monitor" program or XrandR
or whatever), offers no more than 1024x768.

Within 30 seconds of usage, I'm already faced with my first "problem".

I bet, with lots of xorg.conf fiddling, control-alt-backspace and the
like, I can fix it. I've been fixing this particular issue as well,
while using various distros in a virtual environment.

Then, let's offer this software product to naive computer users. The
ones who don't know what a shell is, how to edit a configuration file,
how to search the Internet effectively for "recipes" to fix
deficiencies.

And when was the last time you installed MS from scratch - that went
absolutely perfectly, right?

I never meant to imply that Joe Sixpack would do a proper install the
first time - as with any OS, it's best to have someone who knows what
they are doing install it. However, once properly installed, I've never
seen anyone have a problem - including the several hundred patrons at the
local library using Linux on 14 internet access computers.

Linux is not an OS for everyone. It's an OS for developers. Thank God I
have plenty of shell experiences. I can muddle through.

That, of course, is B.S. We've had several hundred patrons at the local
library who've never had an issue. A customer satisfaction survey
revealed no problems and a number of patrons who were not aware they were
NOT using MS.

Lets try another one. Naive Linux user - "My sound doesn't work". I get
to enjoy fixing that one as well. Loads of fun. And so easy too. The
Linux sound architecture is so transparent and easy to understand.
Pulse, Alsa, Jack, ESS ... What part of the plumbing is busted ? We're
not really sure. Program X works, and no sound comes from Program Y.
What setting do I change ? Is there a fix ?

See above.

Some users have proposed solutions to the sound mess, but nobody was
listening. Pulse isn't the answer, especially not on older (gutless)
systems.

Linux would be fine for someone who was complacent enough to accept
whatever crap you fed them. "My sound doesn't work ? Oh, well. No tunes
for me I guess...". Maybe that's the market for Linux ?

Paul

Much better for folks "complacent enough to accept whatever crap you fed
them" to use MS. Start up the computer - I'd like to make a document - no
problem, off to the store and pony up a few hundred dollars for MS
Office. I'd like to edit a photo I just took - no problem, off the the
store and a few hundred more dollars for PhotoShop. Yes, you can
certainly install open source products, except that the person won't have
any knowledge of such and the helpful clerks at the local computer store
won't enlighten them. With Linux, it's all included from the get-go.

 

[Paul]

That, of course, is B.S. We've had several hundred patrons at the local
library who've never had an issue. A customer satisfaction survey
revealed no problems and a number of patrons who were not aware they were
NOT using MS.

OK, so now we've hit the heart of the matter.

Your "several hundred patrons" have support. They're going to be
much happier, if some shell-aware individual has ironed
out the problems for them, tweaking and tuning so it is
usable.

The suggestion in this thread, was to "go install Linux and... enjoy".
Now, if that user doesn't have a "support contract",
will that user be as happy as your library patron ?

Probably not.

If you suggest Linux to someone else, be prepared for them
to be phoning you for help. There are too many rough
edges, to using a distro out of the box.

Enough rough edges, that I ended up using Gentoo for a
couple installs here, where I had enough control to undo
some of the damage done by the people making the distros.
Ubuntu is particular bad for this, making high handed
decisions that piss off the users. (Audio, being the
area of contention.) At least with Gentoo, I had some
control (USE options).

Paul

 

[VanguardLH]

Judging by the reactions I got, I must have hit a raw nerve!

All hail choro, our new temporary god of wisdom, whose orations are to
be obeyed regardless of how irrelevant they are. All hail choro.

You aren't that important. You didn't hit anyone's sore nerve. You
made a fool of yourself and we chose to laugh at the village idiot. You
know, they even have entire TV shows about folks committing blunders.
You're on the Usenet channel. Rather it was humorous that you were so
willing to expose that you had no intent to help and puked out an
irrelevant response. That's why I chose a humorous response. Most
folks don't deliberately announce their blunders.

Linux proselytizers posting in Windows groups almost always shoot
themselves in their own foot. You think those that see the ignorant
reply aren't going to laugh at them? The same happens to the Windows
proselytizers in the *NIX groups. The proselytizers don't offer usable
solutions, don't prove their tenets, and provide no technical expertise
but are just there to defend their personal choice for an OS for some
unknown reason other than maybe egotistical joy at flag waving. You
degenerate your reputation by posting such an obvious idiotism.

Look at your reply. Then consider the "format your drive" replies
typical of the Dan C troll. Do you really want to devolve into a Dan C
clone? Or is choro just another nym for Dan C?

 

[VanguardLH]

According to this, installing MSSE does turn Windows Update back on.

http://www.infoworld.com/t/anti-vir...-installer-zaps-automatic-updates-setting-804

Just for grins, I uninstalled MSSE, set Windows update to never, installed MSSE and Windows update was set back to automatic.

Must be happening to somebody other than me for the article to get written.

Oh, so now the conditions have changed from USING the product to
INSTALLING it. You said, "something keeps turning it back on". Well,
if you're now going to focus on the installation stepping atop current
configuration then apparently you "keep reinstalling MSSE" which is not
the typical scenario with any user for any product.

This isn't a new event with Microsoft or with other software vendors.
Installation of any software can step atop the current configuration
settings. Most users don't keep repeating an install-uninstall to then
become repeatedly encumbered with how the installer may step on current
settings or how the uninstall doesn't revert them back. This happens
for QA folks testing a product through multiple alpha versions but
repeated installs and uninstalls are not typical of customers.

Per the article, "running the MSE installer zaps out your setting and
switches Windows over to Automatic Updates". That was not the condition
you implied in your post, especially when referring to a *repeating*
problem.


Note: Your NewsLeecher client should be configured to physically wrap
lines at 72-76 characters in lenght.

 

[ray]

ray wrote:



OK, so now we've hit the heart of the matter.

Your "several hundred patrons" have support. They're going to be much
happier, if some shell-aware individual has ironed out the problems for
them, tweaking and tuning so it is usable.

The suggestion in this thread, was to "go install Linux and... enjoy".
Now, if that user doesn't have a "support contract", will that user be
as happy as your library patron ?

Probably not.

If you suggest Linux to someone else, be prepared for them to be phoning
you for help. There are too many rough edges, to using a distro out of
the box.

I did not - someone else did. However, I'd be more than happy to help.
Been on call at the library for four years - zero calls. At least once a
Linux distro is running, you can count on it - unlike the OP on this
thread

Enough rough edges, that I ended up using Gentoo for a couple installs
here, where I had enough control to undo some of the damage done by the
people making the distros. Ubuntu is particular bad for this, making
high handed decisions that piss off the users. (Audio, being the area of
contention.) At least with Gentoo, I had some control (USE options).

Paul

Ubuntu is not necessarily all it's cracked up to be. Recently they've
done a few things I didn't care for - I've migrated to Debian - solid as
a rock. I would hardly recommend Gentoo for a newbie. I used it for
several years on a mini-itx box because I could fully optimize it's
performance. The rolling updates are an attractive feature, though.

 

[chet]

Oh, so now the conditions have changed from USING the product to
INSTALLING it.

Part of using a product is installing it... unless of course you have some automagic
method of using MSSE witout installing it that you would like to share.

You said, "something keeps turning it back on". Well,
if you're now going to focus on the installation stepping atop current
configuration then apparently you "keep reinstalling MSSE" which is not
the typical scenario with any user for any product.

I have also had it revert back as part of normal use. Just the other day, coming out of sleep
mode my PC was very sluggish. Sure enough there was WU telling me I had updates ready. It has
happened enough times I thought I would raise a question in the group. Excuse me for thinking
if the install can reset it, something in it's day to day usage might too.

I can't recall ever installing any product that reset configurations settings other than those that
pertain to its' own registry and or congigurarion files. Not saying it does not happen...
just saying I don't recall witnessing it.

Chill out dude!~

 

[Gene E. Bloch]

Judging by the reactions I got, I must have hit a raw nerve!
-- choro --

Judging by the above post, you didn't understand mine.

It was humor. A joke. Whimsy. Kidding around. That's all.