Say good-bye to individual patches on Windows 7 and 8

Martin Brinkmann
Oct 10, 2016
Updated • Oct 10, 2016
Windows
|
75

Microsoft will change how patches and updates are delivered to devices running Windows 7 or Windows 8 starting tomorrow.

We have talked about the push towards all-in-one (cumulative) Windows updates in August when the company announced the change.

There is a bit of light and a lot of shadow when it comes to the new system that Microsoft has used for Windows 10 ever since the operating system launched.

Before we look at those, lets recap what changes and how that may affect your updating strategy.

October 2016 Windows updating changes for Windows 7 and 8

windows 7 8 october patch day changes

Microsoft moves from a one patch per issue update model to a cumulative update model known from Windows 10.

The company plans to release two patches in total for devices running Windows 7 or 8: the first is a cumulative security update that includes all security patches of the given month.

These security updates can be downloaded from Microsoft's Update Catalog.

Additionally, a single cumulative update is made available each month that includes all security and non-security updates. This update is made available via Windows Update, but also as a download from the Update Catalog.

For managed systems, updates are also available through WSUS or SCCM.

These monthly rollups are cumulative which means that they include all patches that were added to previous rollup updates. Microsoft plans to integrate all available patches -- that were published prior to October 2016 -- eventually as well so that a single monthly rollup patch installs all patches released for Windows 7 or 8.

Microsoft will make available certain updates separately. This includes update for Microsoft's .NET Framework, and for Internet Explorer 11.

Additionally, driver updates won't be included in those patches, and out-of-band security updates will be published as soon as they are available. They will be added to the next monthly rollup patch and security update automatically.

Microsoft references a third update, called monthly quality rollup. This is a preview update that will include fixes that will be included in the next monthly rollup, and it will be released on the third Tuesday of each month.

Microsoft will release it as an optional update on WSUS, Windows Update Catalog and Windows Update.

The new update strategy

  1. Second Tuesday of a month: Microsoft will release a single security update containing all patches for a given month but only through WSUS and the Windows Update Catalog.
  2. Second Tuesday of a month: A monthly rollup update is released that contains all security and non-security fixes, including all updates from previous monthly rollups. These are released through WSUS, Windows Update Catalog and Windows Update.
  3. Third Tuesday of a month: A preview of the upcoming monthly rollup is released. This is classified as an optional update, and is available through Windows Update, WSUS and the Windows Update Catalog.

What's good about the change

If you look at the new patching strategy you will notice that patching will get easier on first glance provided that things work.

Users who update Windows through Windows Update need to install a single patch instead of several. This may be especially useful when a new system is set up as it may take a while for patches to be retrieved on first use of Windows Update.

The downside

Microsoft's new patching strategy is quite problematic for system administrators and many end users. The past has shown for instance that Microsoft does release patches every now and then that cause issues on the operating system. Some issues caused blue screens or endless reboot loops.

Users could remove the update responsible for that once it was identified, but that is no longer possible when the new updating system hits.

This means that you need to uninstall an entire month worth of security updates, or a monthly rollup update, to resolve the issue.

This leaves the system vulnerable to patched security vulnerabilities that did not cause any issues on the device.

Considering that it sometimes takes weeks or even longer to produce a working patch, this could leave systems vulnerable for a long time.

While that is bad enough, it gets worse.

If you don't trust Microsoft enough because of its actions in the past year -- Get Windows 10 or Telemetry are two headwords -- then you may not want those cumulative updates. The reason is simple: you cannot block updates that you don't want anymore.

If Microsoft would have launched the new patching strategy earlier, no one would have been able to block Get Windows 10 updates and Telemetry updates from being added to a running Windows 7 or 8.1 system unless Windows Update would have been turned off completely prior to the release.

Anyone who wants control over which updates get installed or removed cannot do that anymore. It is either all or nothing, with no middle-ground.

Since the organization will typically be deploying only the security-only fix, see the previous section for full details. In cases where there is a need to deploy one or more non-security fixes, manually approve the latest monthly rollup that contains the needed fixes. This monthly rollup will contain other fixes as well, so the entire package must be installed.

Your options

So what are the options that you have? There are three:

  1. Use Windows Update and install a single cumulative Monthly Rollup patch that includes security and non-security updates.
  2. Disable Windows Update, and download Security Patches through Microsoft's Update Catalog.
  3. Disable Windows Update and don't download and install any patches.

If you pick option 1, you get every update that Microsoft includes in the monthly rollup patches. This includes all security updates, all feature updates and fixes, but also every Telemetry, privacy-invasive or next generation Get Windows 10 update the company produces.

If you pick option 2, you get all security updates but may still run into issues with these patches.You do need to download and install those manually through Microsoft's Update Catalog though, as you can't use Windows Update for that anymore.

You won't get feature updates, and likely won't get the majority of updates that you don't want either. Microsoft did include non-security patches in security updates in the past, which means that there is a theoretical chance that you still get unwanted updates.

Option 3 finally leaves your system vulnerable because of missing security updates. It is however the only option to avoid any unwanted updates on the device.

If you need additional information, Woody over at InfoWorld has you covered.

What Organizations may do

Organizations may join Microsoft's Security Update Validation Program (SUVP) to validate updates before they are released publicly.

Other than that, the options outlined above apply to organizations as well.

Now You: What is your take on the change?

Summary
Say good-bye to individual patches on Windows 7 and 8
Article Name
Say good-bye to individual patches on Windows 7 and 8
Description
Microsoft will change how patches and updates are delivered to devices running Windows 7 or Windows 8 starting tomorrow.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Agent Smith said on October 13, 2016 at 1:05 pm
    Reply

    Martin,
    … there is also another option to block Telemetry and Version updates via GroupEdit. Although I suspect this will be limited to Ultimate and Enterprise versions, but I could be wrong?

  2. Roger Wilco said on October 13, 2016 at 7:31 am
    Reply

    Apple, here I come!

  3. KennyG. said on October 13, 2016 at 3:47 am
    Reply

    I have spent the last year fighting MS and their sneaky, deceitful, illegal behavior toward those who have paid for windows 7.
    MS has tried every way possible to steel windows 7 from those that legally bought it and replace it with windows 10
    MS and it’s window’s 10 along with it’s new Windows update are malware
    I have autopatcher updated to Sept 2016 [ without the roll-ups, saved on 4 hard drives and 2 sticks ], I have gone through all 360+ updates and deleted what I don’t want, that would be MS crap and that’s it
    I will never update windows 7 again [ your option 3 ]
    I have a clean and safe iso in case of problems and backup, backup, backup
    I and all of you will eventually be forced to Windows 10 by MS and lack of drivers for new hardware
    Only for gaming, no private info of mine will ever be on Windows 10, 11, 12, etc or in the cloud for that matter,
    I will only use Linux or another open source O/S with local folders for private info and no cloud
    And yes, my tin foil hat is alive and well

    1. A41202813GMAIL said on October 13, 2016 at 6:03 am
      Reply

      Unfortunately, Your Tinfoil Hat Is Not Alone.

      XPOCALYPSE FOREVER !

  4. A41202813GMAIL said on October 12, 2016 at 10:43 pm
    Reply

    ( From Another Thread )

    I Love My Legacy Tech The More And More With Each Passing Day.

    I Got Blitzkrieged Carpet Bombing Style After APRIL 8, 2014.

    I Finally Got A Guy Who Apologized To All Of Us Luddites For Being A Jerk About It, Because The Tables Have Turned On Him, Now.

    Stupid Jerks Always Forget That KARMA And PAYBACK Are The 2 Most Inseparable Sisters.

    Who Is Laughing Now ?

    XPOCALYPSE FOREVER !

  5. MS NO THX said on October 12, 2016 at 6:51 pm
    Reply

    WinDef/MSE are used to keep non-aligned software away from your system. The sum of applications wrongly labelled as malware is high and these applications are whitelisted after a while. WD/MSecurity Essentials do not need updates, apart when the OS is modified and prevents their interaction. You only need to update the database.

  6. Tanya said on October 12, 2016 at 12:51 am
    Reply

    So what about updates like Windows Defender/MSE? Will they still come separately?

  7. D. said on October 11, 2016 at 6:30 pm
    Reply

    Anybody that did not see this coming has not been paying attention to Microsoft. You had to think in the back of your mind this was coming.

    They know they have updating problems in Windows 10 right now. Some have been fixed but most sound like it is still a big mess. Microsoft doing it right now surprised me for Windows 7 and 8, but not them doing it.

    I hope it is better than what has been going on in Windows 10…

  8. LD said on October 11, 2016 at 5:12 pm
    Reply

    Tnx for your suggestion. They live in the country so it is more than likely not available to them.

    I use Mint as well as Windows, but because I am a retired tech spec they assume that Linux is complicated and only suited to computer rocket science types. They also have been brainwashed by their friends who are also novice users. It is like they have joined a cult.

    Just recently they told me that if Windows breaks, MS is obligated to fix it fast because all the rich companies use Windows. I respond by telling them that all those rich companies have an IT department and a stable of lawyers. My family, like their friends are not aware of Microsoft’s business strategy. They do not understand the cloud and they have no idea where Microsoft is taking their Enterprise Clients.

    Short of an exorcism they will remain Windows users.

  9. Patrick said on October 11, 2016 at 4:47 pm
    Reply

    OPTION 3

  10. Clas said on October 11, 2016 at 2:17 pm
    Reply

    its been over a year since any updates. win7…. running smoothly without any problems or glitches at all. palemoon browser so not a constant fight and more like a pleasant walk in the park. on constantly, everything works, stocks, movies, tv shows, email, searches….everything. i do an image once a week and keep three off the computer. always run sandboxed without the slightest problem. less and less contact with MS. have linux mint as dual-boot but rarely use it. both with palemoon. two computers set up like this. neither one with the slightest problem. but Martin, I enjoy the updates on the ongoing saga of MS. its like a sad comedy now. nothing iot for me, nothing in the cloud. old school, i guess. but newer is not always better and older is not always no good.

  11. Marina said on October 11, 2016 at 2:14 pm
    Reply

    Feeling so angry with Microsucks. As a translator I do depend on Windaft for some of my main tools to run. Even though I have a 2nd PC with double-boot Linux and Win7, it’s not a working solution for me. 25 years of PCs and internet… and this is what we now have? What a shame.

    Thanks for the list of options. I used to do a manual install of security patches only. Will now go with option 3. I used to think that it’s too risky but just the other day talked to another translator who deactivated Win Updates a long time ago and (being a sensible and cautious web user) desaster did not strike. Still… the sense of ‘security’ is long gone.

  12. nIGhT-SoN said on October 11, 2016 at 1:30 pm
    Reply

    More chopping of the branch they are standing on. It looks like Microsoft is trying to push people towards Linux more and more.

    1. buck said on October 12, 2016 at 7:48 am
      Reply

      They are relying on the fact that most Windows users are barely technically literate and have NFI what is really going on here.

      Technology apathy is very prevalent in today’s society, most people are too lazy to even attempt to learn how their consumer devices work conceptually, never mind technically.

      A ripe market for predatory, immorally greedy companies like Google, Apple, Facebook, Microsoft, and the numerous “faceless” Big Data companies lurking just below the surface.

  13. dwight said on October 11, 2016 at 1:03 pm
    Reply

    i keep them all disabled. i got sick of them bricking my computer. plus now they have about 500 since windows 8.1 was released.

  14. anon said on October 11, 2016 at 10:48 am
    Reply

    I don’t care, Microsoft, I have the best OS on the planet -Ubuntu- and there is no need to mess with updates, registry, group policy or whatever. There are no ads or telemetry and it’s free. Just you, your OS and great community if you need help. This is way to get work done. Choose Ubuntu. :)

    1. buck said on October 11, 2016 at 12:04 pm
      Reply

      Ubuntu users have minor privacy concerns of their own (ships with a key logger), but they pale into insignificance compared with the insidious Microborg Collective.

      Anyway, I prefer a rolling distro with the latest versions of all software, drivers and kernels… so Manjaro KDE FTW!

      1. A or B, not C. said on October 11, 2016 at 2:07 pm
        Reply

        @ buck ……. Yes, the Ubuntu Software Center has the logkey keylogger program available for the users to install on their cptrs or install remotely to another Ubuntu cptr which they hv root/sudo access. The users need to enter their Ubuntu sudo/root password b4 the “shipped” keylogger program can be installed on his/her cptr. Keyloggers r mostly used to spy on others’ keystrokes, eg on a shared cptr.

        In comparison, M$’s Win 10 actually ships with a keylogger program already preinstalled into the system. Every keystroke by the Win 10 users is sent back to M$’s servers. M$ only need to call up the keylogger file of an interested person from their data-centers, eg maybe to send the file to the NSA.
        ……. Ubuntu does not ship with a keylogger program preinstalled into the system, ala Lenovo’s Superfish program.

  15. jm said on October 11, 2016 at 1:37 am
    Reply

    I have tried to update Windows 7 the last two months but the only update that comes up is “The Microsoft Windows Malicious Software Removal Tool”, that I will never install.
    I can ‘un-tick’ and hide it and start a new search as many times I like, it’s still
    the only one to appear in the list of updates. This is my last remaining windows computer and tomorrow it too will be running Linux.

    jm

  16. Tony said on October 11, 2016 at 12:38 am
    Reply

    Dear Microsoft:

    You Suck.

    Regards,
    Your former customers.

  17. Maou said on October 10, 2016 at 11:46 pm
    Reply

    Every day it gets “better”, that crazy Indian must hate Microsoft.
    My Windows 8.1 installation is almost a year without updates, I don’t think they will improve Windows 8 anymore so windows update is turned off.
    Nadella can shove his “telemetry” spyware where the sun doesn’t shine.

  18. coakl said on October 10, 2016 at 10:00 pm
    Reply

    I keep Windows Updates turned off 99% of the time. I usually wait at least a week after Patch Tuesday before turning it on and getting the patches. With this new regime, and the quality problems it will likely cause, I’m going to wait two weeks (at least), and get the security-only package. Then, I’ll wait at least two months before I go for the ones with feature updates.

    I think MS is gearing up for Round 2 of Win 10 GWX. This new policy will let them shove it in on many more machines.
    Satya Nadella is like a drug dealer, desperate to push his product on as many victims as possible!

    1. Rotten Scoundrel said on October 11, 2016 at 12:49 am
      Reply

      I too, take that approach but for two or more years, I have been using Macrium Reflect to make an image of the C: drive and any partitions back to the Root before I install any updates. It takes about 4-minutes to make an image as all of our installed programs and data are on an encrypted D: drive. The C: is just the bare win8.1 system and any user-data that programs store on C:

      We only have two devices using win8.1 now as Linux will not run on them, so we are stuck with win8.1 for them.

    2. Tom Hawack said on October 10, 2016 at 10:20 pm
      Reply

      You took the words out of my keyboard. Your schedule seems wise. I’ll be as well keeping an eye on security updates only and only once they’ve proved to be “clean”. As far as GWX is concerned and considering Microsoft’s update/upgrade policy up to now, nothing from that company would surprise me.

  19. c'monM$ said on October 10, 2016 at 9:28 pm
    Reply

    Literally Kicking a dead horse here.

  20. David said on October 10, 2016 at 8:50 pm
    Reply

    While I’m asking for people in-the-know to do things, what about a DVD image that includes all good updates for Windows 7 and 8.1?

  21. Sean said on October 10, 2016 at 8:44 pm
    Reply

    AutoPatcher still works for 7 SP1 and 8.1
    http://www.autopatcher.net/

    1. John in Mtl said on October 11, 2016 at 1:48 am
      Reply

      Thank goodness for that! I updated all my versions of AP (win 7 & win 8.1 x86, x64 yesterday so now I have all the patches up to septembr 2016.

      I’m quite anxious to see what will become of Autopatcher after october. They will likely have the monthly rollup to download and install; but how will they manage for users like me that only want the security rollups that are on the MS Catalog? I don’t think they will be able to link to the Catalog seeing it requires Active-X…

      I’m guessing that in a while, I’ll use AP for all patching up to october and then use the monthly security rollup that is most current for the rest. Makes for 2 operations instead of only 1.

    2. Martin Brinkmann said on October 10, 2016 at 9:24 pm
      Reply

      Since Microsoft won’t release individual updates anymore, new updates cannot be offered as individual patches anymore by AutoPatcher or any third party software.

      1. John in Mtl said on October 11, 2016 at 3:31 am
        Reply

        Martin,

        You may know this or not: Autopatcher is really just a sort of “front end” to the hundreds of web links that go back to Microsoft & other 3-rd party websites to fetch the updates and patches. Once AP analyses your machine, it displays a list of patches that are then downloaded to your local machine. In the olden days of XP, the AP team hosted copies of the patches on their servers until one day MS sent their legal hounds after them. Thereafter, they were allowed to continue to advance the project as long as they only linked to the MS servers.

        So, I speculate that the way AP works now probably won’t change in the future – they will link to those monthly rollups like they always linked to individual KB’s. It might be more problematic for people like me that only want the security updates that will now only be listed in the MS Catalog. The AP guys would have to make a script that only fetched those security updates and nothing else.

        I’m also awaiting what will become of the “MBSA” (Microsoft Baseline Security Analyser) tool – will it work as it always did or will it become another proggie for the bit bin?

  22. infojunkie said on October 10, 2016 at 7:06 pm
    Reply

    Really this doesn’t mean much for me, but it dose me I need to get back to the grind stone of converting people to Linux. Windows 10 update where nightmareish for virtually everyone I knew and they had me move them back to windows 7. I’m going to wager they are going to go for the “disable all” option since their computers and general habits are pretty safe anyway. However it’s not sustainable so sooner or later they’ll need to move to something. Since Windows is a dead option to them thanks to the horribleness which is Windows 10, and they refuse to support apples closed hardware system. That will leave just Linux, unless google comes out officially with their desktop/laptop android/chrome OS. Which truthfully for most of them I think would be a better fit. Really given Linux’s history I really do think desktop Android will evidently be what takes over for the vast majority of people.

    1. Rotten Scoundrel said on October 10, 2016 at 7:12 pm
      Reply

      Seriously? You would trust google? They make their main income billions from scraping data from anywhere and anything.

      “OK, G, you scrape my emails and searches, now please scrape my home PC too.”

      1. A or B, not C. said on October 11, 2016 at 5:09 am
        Reply

        @ Rotten S ……. Well, millions of people r using Google’s Android smartphones/tablets.
        Would u rather use M$’s IE/Edge or Google’s Chrome if u hv only this choice.?
        .
        Bear in mind that Google’s business model is mostly based on displaying ads to users, selling anonymized user-data to marketers n getting commissions when apps r sold by developers. Google hv little interest in spying on their users. M$ may likely hv more interest in spying on their users, eg by cooperating with the NSA ala Yahoo, in order to not be prosecuted by the US govt for their abusive business practices.

  23. Rotten Scoundrel said on October 10, 2016 at 5:48 pm
    Reply

    Now that’s interesting. I have **totally removed IE** from this tablet a year or more back and only use PaleMoon. I just tried the update catalog link, just for a look see and future reference and got…
    “Thank you for visiting the Microsoft Update Catalog
    To use this Web site’s full functionality, you must be running Microsoft Internet Explorer 6.0 or later.
    To upgrade to the latest version of the browser, go to the Internet Explorer Downloads Website.
    If you prefer to use a different Web browser, you can get updates from the Microsoft Download Center.”

    Going to the alternate browser option it wants me to download windows update before doing anything else. Now, being a little cynical and a lot paranoid of msoft, this looks like IE needs to be at least installed to access the catalog even with a different browser.

    So, unless you have IE installed the Catalog is a no-go and the only other option is you need to install windows-update which will no doubt give you the batched updates. You have been assimilated and that then begs the question, “why does IE **HAVE TO BE** at least installed for the Catalog version? Methinks things are going on behind the covers of IE even with the Catalog.

    There’s some alarm bells for ya!

    Now, where did the dog put my tinfoil hat!

    1. Henk van Setten said on October 10, 2016 at 6:23 pm
      Reply

      The Microsoft Update Catalog relies heavily on the use of ActiveX elements, which in fact is a very outdated technology (first version introduced in 1996). And today, Internet Explorer happens to be the *only* browser that fully supports ActiveX. Result of this is that not even Edge, Microsoft’s new Windows 10 browser, will work properly with the Microsoft Update Catalog.

      I really don’t know if there’s any malicious intent behind this unfortunate situation. But of course Microsoft could easily remedy it and update their Update Catalog software to work with something like modern HTML5 technology instead (or even good old still-ubiquitous Javascript, if needs be). So why haven’t they done this already? The answer, I fear, is lost somewhere in the cloud ;-)

      1. Rotten Scoundrel said on October 10, 2016 at 7:07 pm
        Reply

        Henk, is that the Active-X that msoft are blocking for millions of security camera systems world wide, but still allow for their own use. Hmmm, nice.

        Makes me feel all warm and fuzzy about msoft all over again. LOL

  24. LD said on October 10, 2016 at 5:42 pm
    Reply

    My family members are computer novices. There is no package choice for them to make. They get the Kool-Aid package by default. If MS ever borks an update in any Monthly Rollup, it will be lethal for them. They survived GWX on W7 with a great deal of stress and now this.

    I suggested that if they intend to use Windows and not change to something more suited to their ability and needs (like a Chromebook) they will have to accept that W7 is going to be just like W10. I advised to them not install a monthly rollup the month it is released – WAIT and see if there are any reported problems. Unfortunately, the rollups are cumulative so unless MS withdraws a borked monthly rollup and re-releases it, they will have to install the rollup with a borked update anyway. This is not good for novices.

    1. b said on October 11, 2016 at 10:42 am
      Reply

      @LD and @LongRange
      maybe theres an ubuntu study group nearby. check it out. here people gather to help each other, novices and long time users. they can help you to install the newest version. no need to buy a new computer. the OS is very easy to navigate. so much easier than windows. updates work a lot better too. they come in packages on a regular basis.

    2. A or B, not C. said on October 11, 2016 at 4:50 am
      Reply

      @ LD ……. U hit the nail on its head when u said, … ” they will have to accept that W7 is going to be just like W10.”
      .
      Since the majority of Win 7/8.1 users hv rejected M$’s 1-yr free Win 10 upgrade, M$ hv “retaliated” by making Win 7/8.1 to be just like Win 10, eg forced Telemetry updates for Win 7/8.1 cptrs since March 2016(= hiding the updates resulted in Windows Update being borked) n the very likelihood of forced buggy cumulative updates borking Win 7/8.1 cptrs beginning in Oct 2016.
      .
      Seems, Win 7/8.1 users who take Option 1 might as well upgrade to Win 10, which is still available for free from M$. This is likely what M$ r trying to “force” Win 7/8.1 users to do.
      …….Luckily, I’m tech savvy enough to be “forced” by M$ into using Linux Mint 17.3 on an external HDD n keeping my non-updated Win 7 as a secondary OS.
      …….Hopefully, Google’s Fuchsia OS will come to the rescue of Win 7/8.1 users, ie being rescued from Satya Nadella n his Indian cohorts at M$ who r like the notorious gang-rapists in India.

  25. Khidreal said on October 10, 2016 at 5:23 pm
    Reply

    please, MS is taking freedom of choice and people’s liberty away… This computer has windows and it’s ment that my mom keeps it, but don’t expect me to buy anything else from MS… next computer I buy I prefer to buy it with Linux. Since linux lacks a lot of support from companies – for now – buying a linux computer is more likely to be only used for searching things online or work, no gaming so, a 200-300euro budget should be enough to buy decent parts for a computer only for linux.
    I ain’t gonna be MS’s slave, always giving up my information to MS, they keep my history, my logs, they are probably even collecting my logging information on websites… I don’t like that, I use this 2 years old computer, burned my original key of windows 8.1 out of my motherboard to install windows 7 from an old disk I have thinking I would get rid of telemetry and all that. guess I was wrong. time to maybe forget about playing games (flash games still work and steam has great games for linux) and install something like Zorin OS, seems a really good copy of windows 7, but with none of the junk MS is probably thinking about putting into the OS. maybe it’s time to change.

    1. LongRange said on October 21, 2016 at 11:23 pm
      Reply

      Khidreal:
      No, it’s not too late, and that email works. I just checked it and nothing arrived yet. Thanks!!!

    2. LongRange said on October 13, 2016 at 12:27 am
      Reply

      Khidreal: as requested here is an email to reach me. – R.Davenport@zoho.com
      Your offer is much appreciated.

      1. Khidreal said on October 21, 2016 at 10:03 pm
        Reply

        it’s a bit late, LongRange, but I hope that mail still works, I sent you some info. it’s a bit messy or not that clear cuz I have lots of work, but any question just send me back any mail and I’ll reply ASAP (usually each weekend).

    3. LongRange said on October 10, 2016 at 6:33 pm
      Reply

      I’m on-board with you. If you have any sources for pre-installed Linux computers, please post.

      1. A or B, not C. said on October 11, 2016 at 4:20 am
        Reply

        @ LongR ……. Best to check out the list of OEM cptrs certified for Ubuntu b4 buying a new OEM Windows cptr, so that when Linux is installed on it, either as a standalone OS or a dual-boot with Windows, the Linux OS will 100% work out-of-the-box, …
        https://www.ubuntu.com/certification/desktop/

        Alternatively, u can request the cptr store to let u test out a Live Linux DVD or USB-stick on the new OEM Windows cptr b4 buying it. Usually, it is the drivers for non-essential peripheral devices like Wifi-cards, Sound-cards, non-integrated or extra Video-cards(= for high-end cptrs), DVD-drive, USB ports, Memory-card-readers, etc that may be missing for Linux.

      2. khidreal said on October 11, 2016 at 1:59 am
        Reply

        @LongRange
        with that you mean computers wich you already buy with Linux? well, I never actually found any (physically), but I do find some online. BUT, I DON’T recommend to buy any computer with linux pre-installed unless it comes from a secure and reliable source. why? I found a post many months ago on a website saying that you should not buy them because usually the company tweaks the OS into their concerns or options (for example, since Linux is opensource, they could easily put telemetry into de linux OS, which is the thing you are probably trying to escape right?). this maybe for a novice won’t be even noticeable, but for hardcore users that tested like 100 distros, they will notice something is different and those are the ones that reported the issue on that website.
        the best way to get a good linux system (untouched by anyone) is to choose the one you like and download from the official website. you can try the website Distrowatch to find rankings about linux distributions and other informations. I would recommend you to go for Ubuntu, Fedora, Mint and Elementary OS, as I tested them personally and they work fine.
        I can give you more information about how to install linux, just create a fake email you can drop here and I’ll give you some more information in order to don’t make the same errors as I made (like losing all your data or linux not starting).

  26. Henk van Setten said on October 10, 2016 at 4:54 pm
    Reply

    Just by coincidence, less than an hour ago I ran the updater for my Linux laptop (still running a very reliable older version of Mint, 17.2). After checking for updates Linux does offer an easy option to tick them all or select just the ones you want. No reason to expect this will change in the future.

    Compared to the slow and glitch-prone Windows Update it works fast and smooth too. And of course the real time saver is that on Linux, the updater can give you not just system updates but also updates for whatever software you may have installed yourself — everything in one go.

    On my remaining Windows 8.1 computers, I will absolutely resort to option 3: I will turn off Windows Update completely. I don’t want to run any risk of Microsoft spawning new telemetry (spyware) or other unwanted “features” upon me.

    I guess the risk of missing security patches may to a reasonable degree (though not fully) be compensated by three things:
    1. sensible personal internet behavior (like no dumb clicking on suspicious links);
    2. installing an extra real-time antivirus layer;
    3. maintaining very strict whitelist-based firewall rules, both for incoming and outgoing traffic permissions.

    I will keep running Windows 8.1 as long as it’s still convenient, but next time I buy a new computer, it will not have Windows 10 but run just Linux Mint — no dual boot, either.

    Farewell, Microsoft. I’m very sure I will be going to miss Windows sometimes. But missing the nice things is not enough to hold on: the reasons to dump Windows keep getting ever more compelling.

    1. Parker Lewis said on October 10, 2016 at 6:34 pm
      Reply

      If you intend not to update Windows, make sure to block ads and trackers thoroughly. Malware can enter through ad networks even if all you do is visit the New York Times website.

      Skipping security updates for too long is something only very advanced users can afford IMHO.

      Your compensations sound fine though :)
      I would also send to VirusTotal the files I have to download, even though it amounts to sending data to Google.

  27. kalmly said on October 10, 2016 at 4:16 pm
    Reply

    I tried – and failed – to update my Win7 computer before MS’s newest invasion begins. It doesn’t look like I am going to make it. So, it’s back the walled castle of Wupdate Off.

  28. Tom Hawack said on October 10, 2016 at 3:53 pm
    Reply

    It seems to me that Option 1 includes in fact two sub-options because Windows Update will propose as I’ve understood it two roll-ups, of which one with security update only, or am I, once again, mistaking?

    1.1- Use Windows Update and install a single cumulative Monthly Rollup patch that includes security only updates.
    1.2- Use Windows Update and install a single cumulative Monthly Rollup patch that includes security and non-security updates.
    2- Disable Windows Update, and download Security Patches through Microsoft’s Update Catalog.
    3- Disable Windows Update and don’t download and install any patches.

    Here I’m still hesitating. At this time I’ve chosen Option 3, all instances related to Windows Update are blocked.
    I may later on, depending on users’ feedback, have a try with Option 2.
    I’m very unlikely to ever risk Option 1.2, I’m sure to never choose Option 1.1

    1. Martin Brinkmann said on October 10, 2016 at 3:55 pm
      Reply

      Tom it seems that if you use Windows Update, you get one big patch that includes everything — security and non-security patches.

      We will see tomorrow if that is really the case.

      1. Tom Hawack said on October 10, 2016 at 5:07 pm
        Reply

        OK, Martin, that’s what I was confused about.

        So we’d have as you wrote it the 3 options, and the Security only update would be accessible only from the Windows Update Catalog.

        Accessing the Windows Update Catalog requires accessing it with IE, but there is a work-around using the Catalog’s RSS feeds. I’ve just tested it once, successfully, then 10 minutes later… with the feed empty. No idea if this is due to a Microsoft initiative or because of server overload …

        http://catalog.update.microsoft.com/v7/site/Rss.aspx?q=Windows+7+for+x64

        Because to download Security only WinUpdates there is — for Win7/8.1 users — only this solution if IE is disabled.

      2. Martin Brinkmann said on October 10, 2016 at 5:08 pm
        Reply

        Yeah, Microsoft is still working on getting the Windows Update Catalog ready for other browsers. It is probably easier to search for KB numbers once Microsoft makes them available.

  29. buck said on October 10, 2016 at 3:38 pm
    Reply

    LOL, Microsoft REALLY REALLY want those telemetry updates on Win7 and Win8 systems.

    Force feeding its users updates like a French farmer feeds his foie gras ducks… giving its customers fatty liver disease whilst simultaneoulsy bending them over and rodgering them senseless.

    What a world we live in.

    1. Tony said on October 11, 2016 at 12:37 am
      Reply

      Microsoft’s true agenda is obvious.

  30. Jeff said on October 10, 2016 at 3:11 pm
    Reply

    The worst part about this is the size of updates increasing tremendously so your already overloaded internet connection will be abused more. The cumulative update rollups for Windows 7 are around 40-60 MB, for Windows 8.1 they’re around 130-150 MB and for Windows 10 they are 450-600 MB with occasional big build upgrades which are several GBs in size. Microsoft does not want people to know the size of updates so they hide the size on Windows 10 – the UI completely removes it besides eliminating all control over installing them.

    1. Martin Brinkmann said on October 10, 2016 at 3:51 pm
      Reply

      According to Microsoft, those monthly rollup patches will use delta updates methodology, so only changes are downloaded and not everything.

      1. Jeff said on October 10, 2016 at 4:10 pm
        Reply

        Yes I know. You can measure the sizes tomorrow of the rollups. Despite using delta updates, they are so bloated on Windows 10. WU Minitool will expose the update size on Windows 10.

  31. Kulm said on October 10, 2016 at 2:48 pm
    Reply

    I’m not going to let MS shit on my head and call it rain.
    I created a Mint partition this weekend.

    1. Ohbouy said on October 11, 2016 at 2:53 am
      Reply

      Ditto – did the same :) bye bye Microsucks

  32. Dave said on October 10, 2016 at 2:43 pm
    Reply

    Can someone make a program to get only the good updates? That seems like the solution.

    1. 420 said on October 11, 2016 at 7:15 am
      Reply

      yes it is called linux, you will be there soon after you mad enough at the company that is making your os that you paid for a living nightmare. I would suggest manjaro.

      1. buck said on October 11, 2016 at 11:47 am
        Reply

        I sceond the Manjaro recommendation.

        Best OS available right now.

    2. zund said on October 10, 2016 at 5:29 pm
      Reply
      1. Dave said on October 10, 2016 at 11:44 pm
        Reply

        This is awesome. Thank you

      2. hallmike said on October 10, 2016 at 6:54 pm
        Reply

        I use wsusoffline and it works so well I donated to the developer. I only hope it continues to work after MS changes the update packages.

    3. Khidreal said on October 10, 2016 at 5:09 pm
      Reply

      I think it’s not possible, it depends on what you consider as “good updates”… for some people telemetry on windows 10 is something good, for others is bad… unless the program has a premade set of questions which you answer so that the program can determine what means “good” for you or is very customizable on what concerns to it’s references, a program will most likely just don’t work.
      the best option I see right now is to download the updates, 1 by 1 and read it’s description. if the description seems good for you, download it, if not, ignore it.

  33. Yuliya said on October 10, 2016 at 2:42 pm
    Reply

    WIll use SImplix UpdatePack so no problems here :)

    1. John in Mtl said on October 11, 2016 at 1:34 am
      Reply

      Yeah but… will your Simplix pack developers be able to parse individual updates from the whole cumulative Monthly Rollup and isolate individual fixes ? They will have to do some serious reverse engineering of the Rollups and invent a naming strategy to identify the separate “KB’s” in the Rollup. Of course, for anything before october 2016, it’ll still work.

      1. Yuliya said on October 11, 2016 at 2:31 pm
        Reply

        Oh, what a shame then. I hope they’ll manage to update it somehow. Otherwise I just won’t install those rollups.

      2. Yuliya said on October 11, 2016 at 11:19 am
        Reply

        Aren’t updates still made available individually for download (but not through WU)? That’s my understanding.

      3. Martin Brinkmann said on October 11, 2016 at 11:45 am
        Reply

        I doubt it. If you check Microsoft’s Download Center and search for Windows 10 downloads, you will not find individual downloads. It seems likely that Microsoft will use the same system for 7 and 8. So, past downloads yes at least for a time, new downloads nope.

  34. Nik said on October 10, 2016 at 2:14 pm
    Reply

    Nadella needs to go

    1. Declan said on October 11, 2016 at 10:53 pm
      Reply

      Ditto that

    2. Mola Ram, CEO Microsoft said on October 10, 2016 at 8:44 pm
      Reply

      He’s making peoples’ lives a living hell for the benefit of Microsoft’s marketing tactics. Many updates trash computers and apps, not just a few, but many, and others are not wanted, now people do not have an option to block incompatible updates!? Does Nadella know how computers work!? I get the feeling Nadella is a Mac user and doesn’t even use his own products.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.