Windows Update on Windows 7 is still a problem

Top 25 free apps for Windows 7 and 8.1

Last time, I griped about Windows Update on Windows 7. Turns out, I left some gripes on the table.

Installing the most recent round of bug fixes, released May 10th, many experienced continued performance problems.

Despite installing the four recommended patches I wrote about previously, Windows Update still ran for a long time for me. 


Windows Update does a lot of computing, but no downloading

On one Windows 7 machine, after it had detected the missing patches, I clicked the button to install them, and waited. And waited. For what seemed like an eternity, the download process sat at zero percent complete (see above), while Process Explorer showed the CPU was busy running Windows Update. 

As before, Woody Leonhard had a suggestion; install a single patch manually, before running Windows Update. The patch, KB3153199, was released this month. It comes in both 64 bit and 32 bit editions. I took Woody's advice and Windows Update ran much faster on subsequent machines. Thanks again, Woody.

But this illustrates an important issue with Windows Update - don't trust it.

The Defensive Computing approach is not not to install patches the day they are released. Too many Windows patches have caused too much grief over the years. Let others find the problems Microsoft did not.

Waiting a few days, gives Microsoft time to pull back or fix any bad patches. It also gives experts, such as Woody Leonhard, time to come up with workarounds to whatever issues crop up.


Don't install updates automatically and don't take recommended updates from a stranger

This approach translates to the settings shown above - Windows Update never runs automatically and recommend updates are not accepted.

Just last week, this would have saved Windows 7 users with Asus motherboards. As Woody Leonhard reported, Microsoft changed KB3133977 from an optional to a recommended patch. It's a long story, but the end result was that installing KB3133977 caused a Secure Boot Violation and Windows would not run.

Recommended updates also made news recently when Microsoft abused them to nag and/or install Windows 10 on machines running Windows 7 and 8.1.

Brian Krebs has his own defensive strategy for Windows updates. Writing a few days ago, about the last batch of bug fixes, he said

Anytime there’s a .NET Framework update available, I always uncheck those updates to install and then reboot and install the .NET updates; I’ve had too many .NET update failures muddy the process of figuring out which update borked a Windows machine after a batch of patches to do otherwise, but your mileage may vary.

Lessons learned the hard way.

Trusting Windows Update is part of a larger trust issue that Microsoft faces. For more on that see an article I linked to previously by Trevor Pott in The Register, The 'new' Microsoft? I still wouldn't touch them with a barge pole


Copyright © 2016 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon