Windows Update service restarts automatically to ensure system updates are applied.
Windows Update service restarts automatically to ensure system updates are applied.
Hello, usually we stop Windows Update by turning off the service to protect our WAN connection, especially since we have limited bandwidth and want to push updates only to devices with a Dell KACE appliance. We’re not sure why it turns back on sometimes on some user machines. Our network is straightforward—no Active Directory, so we set up devices manually. Do you know if there’s a way to keep Windows Update disabled on these systems? Is there a network-level block we can apply to fix this? I came across this link: https://superuser.com/questions/363120/b...ows-update, but I’m not entirely confident it will work anymore.
It seems you're referring to an outdated IT scenario. To ensure your system runs smoothly, you should place it within a domain. Once that's set up, Windows Server manages updates efficiently—download once and apply them across all machines. You can pause or confirm updates as needed.
If required, configure your enterprise firewall to restrict access from specific IPs for Windows Update and Microsoft servers. Remember to re-enable these services afterward.
Alternatively, consider installing software that continuously monitors the Windows Update service and terminates it upon startup. However, this approach may impact system performance, requiring manual intervention on each machine to restore updates.
Consider using a WSUS server managed by local group policies. This would block PCs from connecting to the server, but they’d keep attempting to reach Microsoft instead if updates are re-enabled. It might seem counterintuitive since the service should be disabled, yet it could trigger the re-enablement process. The issue likely stems from how Windows handles updates when stopped. Deleting the .dll files related to Windows Update is another option, though it raises security concerns. The link you shared provides some guidance on this approach.
It happened to me today too. I hadn’t updated anything in months, so when I logged into my PC it showed updates were pending. I had to reset things myself—disabling event logs and regedit manually. Really frustrating with Microsoft.
It seems they are likely pushing companies to purchase Windows Server and rely on WSUS for management.
If you're a small business with limited hardware, consider setting up a Windows Server, joining a domain, and having a central server for backups. Depending on your setup, explore Volume Licensing options. This approach helps manage updates, run enterprise solutions, generate reports, handle backups, and let staff access systems from any location—like a main PC in the office or boardroom. It’s worth exploring these steps even if Windows Update is disabled, as it can save time and improve efficiency instead of wasting resources on manual fixes.
You have the ability to configure bandwidth restrictions for Windows Update in Windows 10, which helps ease network strain. Navigate to Settings > Update & Security > Windows Update > Advanced Options > Delivery Optimizations > Advanced Options. Also, adjust the Active Hours (Settings > Update & Security > Windows Update > Change active hours) to prevent updates from starting during inconvenient times. Consider enabling a warning feature before system restarts, allowing users to postpone installations or choose a more suitable moment, such as after work or lunch, rather than while they're actively using the system.