Hi @pf100 after setting Configurator script to (N), do you think ms still can force some automatic updates?
Good question. Probably yes. But who knows? Hopefully I'll hear some feedback on the configurator soon.
Especially for those who are preparing for the transition to Spring Creators Update. Microsoft has added a new service - WaaSMedicSvc (Windows Update Medic Service). As the name implies, this "medic" is intended to "treat" the intervention in the process of obtaining updates. For example, look at the contents of the "Schedule Scan" parameter at: HKLM\SYSTEM\WaaS\WaaSMedic\TaskStore Maybe there is something else. While it's not known what can be the best choice - removing or disabling this service...
It's probably better if this service is enabled when WUMT runs and then disabled permently on script close/WUMT close. Just to be on the safe side.
I just checked Windows 10 Pro 1709 in VM and I can't find the service anywhere. Also no such key in register
Access to this post is restricted! You're trying to open the post, written by @shewolf, but unfortunately it was marked as a draft (by the user himself or the UFO)
im on 1607 and both 23814 (Upgrade Assistant) and 23057 ( remsh) are the ones I have disabled tasks for and the work done by your script, no problems here. They keep re releasing them and I have to hide them again tho.
It can be made easier: :: Disable service reg add "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /v "Start" /t REG_DWORD /d 4 /f :: Disable the possibility of uncontrolled service startup reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WaaSMedic.exe" /v "Debugger" /t REG_SZ /d "%WINDIR%\System32\taskkill.exe" /f Regarding the "Schedule Scan" parameter (in "HKLM\SYSTEM\WaaS\WaaSMedic\TaskStore") - this dirty key is protected by permissions. If someone does not find this in 1709 version - I remind you that this is about version 1803 (build 17115.1).
You don't have to worry about protected registry keys if the program they're trying to run won't run (WaaSMedic.exe). I don't trust registry keys unless you can keep them the way you want them. So it's actually easier to remove permissions from WaaSMedic.exe.
Any of the new updates does something vs the script/wumt/wub ? ED: After checking askwoody for a while I applied all of them on 1607 , no problems here.
Question: if I block SIHClient.exe outbound connections can I still download and install updates? The reason I'm asking is that in my VM I blocked SIHClient.exe outbound connections in my firewall. WUMT finds 2 updates but when I tell WUMT to download and install the 2 updates nothing happens EDIT: changing the firewall rule and allow connections makes no difference; still downloading updates doesn't work. Can someone tell me what services/.exe's I have to allow connecting to be able to download updates? Windows 10 version is 1709