Windows Update on Windows 7 is still a problem

Top 25 free apps for Windows 7 and 8.1

Last time, I griped about Windows Update on Windows 7. Turns out, I left some gripes on the table.

Installing the most recent round of bug fixes, released May 10th, many experienced continued performance problems.

Despite installing the four recommended patches I wrote about previously, Windows Update still ran for a long time for me. 

windowsupdate.downloading.0.pcnt

Windows Update does a lot of computing, but no downloading

On one Windows 7 machine, after it had detected the missing patches, I clicked the button to install them, and waited. And waited. For what seemed like an eternity, the download process sat at zero percent complete (see above), while Process Explorer showed the CPU was busy running Windows Update. 

As before, Woody Leonhard had a suggestion; install a single patch manually, before running Windows Update. The patch, KB3153199, was released this month. It comes in both 64 bit and 32 bit editions. I took Woody's advice and Windows Update ran much faster on subsequent machines. Thanks again, Woody.

But this illustrates an important issue with Windows Update - don't trust it.

The Defensive Computing approach is not not to install patches the day they are released. Too many Windows patches have caused too much grief over the years. Let others find the problems Microsoft did not.

Waiting a few days, gives Microsoft time to pull back or fix any bad patches. It also gives experts, such as Woody Leonhard, time to come up with workarounds to whatever issues crop up.

windows.update.settings

Don't install updates automatically and don't take recommended updates from a stranger

This approach translates to the settings shown above - Windows Update never runs automatically and recommend updates are not accepted.

Just last week, this would have saved Windows 7 users with Asus motherboards. As Woody Leonhard reported, Microsoft changed KB3133977 from an optional to a recommended patch. It's a long story, but the end result was that installing KB3133977 caused a Secure Boot Violation and Windows would not run.

Recommended updates also made news recently when Microsoft abused them to nag and/or install Windows 10 on machines running Windows 7 and 8.1.

Brian Krebs has his own defensive strategy for Windows updates. Writing a few days ago, about the last batch of bug fixes, he said

Anytime there’s a .NET Framework update available, I always uncheck those updates to install and then reboot and install the .NET updates; I’ve had too many .NET update failures muddy the process of figuring out which update borked a Windows machine after a batch of patches to do otherwise, but your mileage may vary.

Lessons learned the hard way.

Trusting Windows Update is part of a larger trust issue that Microsoft faces. For more on that see an article I linked to previously by Trevor Pott in The Register, The 'new' Microsoft? I still wouldn't touch them with a barge pole

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Windows 10 annoyances and solutions
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.