Patch Tuesday’s coming, so lock down automatic updates

Some day we may have decent Windows update-blocking settings, although I remain skeptical. For now, with Patch Tuesday nigh, it’s prudent to check and make sure you have automatic updating turned off.


In theory, when Windows 10 version 1903 rolls out in late May, we’ll suddenly have tools at hand that’ll make it easy to temporarily turn off automatic updating. I’m not yet convinced that all will be milk and honey, but for now there’s every reason to take control of your machine and turn off automatic updating. Wait for the dust to clear before you apply the next round of patches.

By introducing new patch-blocking capabilities in Win10 version 1903, Microsoft’s implicitly acknowledging what you and I have known for a long time: Windows (and sometimes Office and .NET) patches have a nasty habit of clobbering machines. It makes no sense to join the first line of cannon fodder. Far better to wait and, if the coast is clear, patch when millions of our compatriots have participated in the grand unpaid beta test.

That’s what cannon fodder’s for, right?

Blocking automatic update on Win7 and 8.1

If you’re using Windows 7 or 8.1, click Start > Control Panel > System and Security. Under Windows Update, click the "Turn automatic updating on or off" link. Click the "Change Settings" link on the left. Verify that you have Important Updates set to "Never check for updates (not recommended)" and click OK.

Blocking automatic update on Win10 Pro

If you’re using Win10 Pro version 1709, 1803, or 1809, I recommend an update-blocking technique that Microsoft recommends for “Broad Release” in its obscure “Build deployment rings for Windows 10 updates” – which is intended for admins, but applies to you, too. (Thx, @zero2dash)

Step 1. Using an administrative account, click Start > Settings > Update & Security.

Step 2. On the left, choose Windows Update. On the right, click the link for Advanced options. If you’re using Win10 version 1803 or 1809, you see the settings in the screenshot.

[Screenshot: Win10 1809 advanced update options, feature update deferral set to 180 days. Credit: Microsoft. Caption: Blocking Windows 10 updates can head off the introduction of nasty bugs.]

Step 3. To pull yourself out of beta testing (or, as Microsoft would say, to delay new versions until they’re ready for broad deployment), in the first box, choose Semi-Annual Channel.

Microsoft declared that its old terminology is no longer in effect, then later declared that Win10 version 1809 is Semi-Annual Channel – using the old terminology – and thus ready for widespread deployment. Who knows? Even though I’ve upgraded my production machines to 1809, I can certainly understand if you don’t want to.

Step 4. To further delay new versions until they’ve been minimally tested, set the “feature update” deferral setting to 180 days or more. That tells the Windows Updater (unless Microsoft makes another “mistake,” as it has numerous times in the past) that it should wait until 240 days after a new version is released (60 days nominally waiting for Semi-Annual Channel + 180 days deferral) before upgrading and re-installing Windows on your machine.

I have a feeling the terminology will change again in the next month or two. Don’t sweat it.

Step 5. To delay cumulative updates, set the “quality update” deferral to 15 days or so. (“Quality update” = cumulative update = bug fix.) In my experience, Microsoft usually yanks bad Win10 cumulative updates within a couple of weeks of their initial release. By setting this to 10 or 15 or 20 days, Win10 will update itself after the major screams of pain have subsided and (with some luck) the bad cumulative updates have been pulled or re-issued. Notably, in February 2019, it took Microsoft 18 days to fix its first-Tuesday bugs.

Step 6. Just “X” out of the settings pane. You don’t need to explicitly save anything.

Step 7. Don’t click Check for updates. Ever.

If there are any real howlers – months where the cumulative updates were irretrievably bad, and never got any better, as they were in July 2018 – we’ll let you know, loud and clear.
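Because Step 6 involves no explicit save, it's worth confirming the choices from Steps 3 to 5 actually stuck. The following read-only PowerShell check is an added example, not part of the original article; the registry locations and the channel value 32 are assumptions about where these Win10 builds store the settings, and the 15-day threshold is just the figure suggested in Step 5.

```powershell
# Added example: read-only audit of the deferral settings from Steps 3-5.
# Assumed locations (not given in the article):
#   $settingsKey = values written by the Settings app (Advanced options)
#   $policyKey   = values written by Group Policy, which override the app
$settingsKey = 'HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings'
$policyKey   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'

# Targets from the article. 32 = Semi-Annual Channel (16 = Targeted).
$checks = @(
    @{ Name = 'BranchReadinessLevel';            Want = 32;  Exact = $true  }
    @{ Name = 'DeferFeatureUpdatesPeriodInDays'; Want = 180; Exact = $false }
    @{ Name = 'DeferQualityUpdatesPeriodInDays'; Want = 15;  Exact = $false }
)

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when either the key or the value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$report = foreach ($c in $checks) {
    # Prefer the policy value; fall back to what the Settings app stored.
    # Simplification: the policy enable flags (DeferFeatureUpdates,
    # DeferQualityUpdates) are not checked here.
    $source = 'Group Policy'
    $value  = Get-RegValue -Path $policyKey -Name $c.Name
    if ($null -eq $value) {
        $source = 'Settings app'
        $value  = Get-RegValue -Path $settingsKey -Name $c.Name
    }
    if ($null -eq $value) { $source = 'not set (Windows default applies)' }

    $ok = if ($null -eq $value) { $false }
          elseif ($c.Exact)     { $value -eq $c.Want }
          else                  { $value -ge $c.Want }

    [pscustomobject]@{
        Setting = $c.Name
        Source  = $source
        Value   = $value
        Wanted  = $c.Want
        Ok      = $ok
    }
}

$report | Format-Table -AutoSize
```

Any row with Ok = False means that setting is missing or shorter than the target, so revisit the Advanced options pane before Patch Tuesday.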

Tired old approach for Windows 10 Home

We’re hearing a lot of promises about the ability to delay cumulative updates in Win10 Home version 1903. I’ll believe it when I see it. The promises so far don’t match what we’re seeing in the latest beta builds, so I don’t know where we’re headed.

If you have Win10 Home, your only reasonable option is to set your internet connection to “metered.” Metered connections are an update-blocking kludge that seems to work to fend off cumulative updates, but as best I can tell still doesn’t have Microsoft’s official endorsement as a cumulative update prophylactic.

To set your Ethernet connection as metered: Click Start > Settings > Network & Internet. On the left, choose Ethernet. On the right, click on your Ethernet connection. Then move the slider for Metered connection to On.

To set your Wi-Fi connection as metered: Click Start > Settings > Network & Internet. On the left, choose Wi-Fi. On the right, click on your Wi-Fi connection. Move the slider for Metered connection to On.

If you set your internet connection to metered, you need to watch closely as the month unfolds, and judge when it’s safe to let the demons in the door. At that point, turn “metered” off, and just let your machine update itself. Don’t click Check for updates.

While you’re thinking about patching Windows, now’s a good time to download and squirrel away an official, free copy of Win10 version 1809.

We’re at MS-DEFCON 2 on AskWoody.


Copyright © 2019 IDG Communications, Inc.
