Pinterest Stumbleupon Whatsapp
Ads by Google

A Reader Asks:

I have just upgraded from Windows 7 to Windows 10 and I notice under Windows Store, settings I am unable to turn off “Update apps automatically” under “App updates”. There is a message below saying: Contact your system administrator about changing this setting. My user is set to admin so I am not sure how to fix this. I am unable to access group policy editor as it appears not to be available on Windows 10 Home. Any advice?

Bruce’s Reply:

With all of the Internet-connected Windows computers in the world today, Microsoft has faced challenges in keeping all of those machines as secure as possible. A significant number of those machines never see any security updates 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn't perfect, we all know that. Security patches and updates fix the vulnerabilities... Read More at all while others take a long time to get patched and remain vulnerable to malware, thus posing an even greater risk to other connected machines.

As a result, Microsoft has changed its patching scheme for the latest iteration of Windows in an effort to keep the window of vulnerability as small as possible.

Microsoft’s New Updating Methods

Throughout the entire Technical Preview Windows 10 In Pictures - A Guided Tour Of The Technical Preview Windows 10 In Pictures - A Guided Tour Of The Technical Preview The Windows 10 Technical Preview is now available to everyone. Some bugs aside, it does look promising. We'll guide you through the new Windows one screenshot at a time. Read More a whole new scheme for updating Windows 10 was used. It involved fast and slow rings, which controlled how frequently updates were installed on the participant’s devices depending on which ring they belonged to. Now that Windows 10 is being sent out into the wild, update branches (described below) will be used to decide who gets updates at what time once they are available.

The most flexibility is with the Enterprise edition on the Long Term Servicing Branch (LTSB). This is only available for customers with a Volume Licensing Agreement (VLA) or Software Assurance (SA) and it allows any update to be postponed indefinitely.

In the middle, we have the Professional, Enterprise, and Education editions with the Current Branch for Business (CBB). It allows users to defer updates for an unspecified amount of time before they are forced onto the machines. This allows companies to test the security patches, fixes, and new features before rolling them out via Windows Server Update Services (WSUS) or other compatible patch management systems such as System Center Configuration Manager, thus allowing more company control while still making sure all updates eventually get rolled out.

Ads by Google

And at the bottom of our list we have Windows 10 Home which uses the Current Branch (CB). It allows very little control over updates Pros & Cons of Forced Updates in Windows 10 Pros & Cons of Forced Updates in Windows 10 Updates will change in Windows 10. Right now you can pick and choose. Windows 10, however, will force updates onto you. It has advantages, like improved security, but it can also go wrong. What's more... Read More . The other issue that arises with the Home edition is that Microsoft has decided to apply the same behavior to all apps installed from the Store. A user can initiate an update check and install cycle, but you cannot select what updates will be applied. You simply get them all.

What You Can Do

At the time of this writing, there is no way to change the app update setting in the Home edition other than upgrading to Windows 10 Pro. Fortunately, Microsoft makes the upgrade to Pro relatively painless. Simply go to Settings > System > About > Change your product key or upgrade your edition of Windows (or Settings > Update & Security > Activation) > Go to Store. This will bring you to the Store page for the upgrade which will cost US $100. Surprisingly enough, searching for this upgrade in the Store doesn’t return any relevant results. After making the purchase, it will be delivered through the Store update mechanism.

If you don’t intend on using any of the additional features of the Pro version, any device you have running Win 10 Home will be able to successfully run Pro.  There are additional requirements for specific features such as a Trusted Platform Module (TPM) version 1.2 or 2.0 or a USB drive to use BitLocker Free Military-Grade Privacy For Your Files: How Bitlocker Works [Windows] Free Military-Grade Privacy For Your Files: How Bitlocker Works [Windows] Ever heard that quote about trying to explain how a television works to an ant? I'm not calling you an ant, even though you are hard-working and enjoy the occasional sip of aphid milk. What... Read More , or a minimum of 4 GB of RAM for Hyper-V to run virtual machines (only available with the 64-bit version).

It’s also worth noting that there are rumors that an incoming update due in September will allow Windows 10 Home users to deactivate automatic updates.

With all editions of Windows 10 except Home, you can change the app update setting on a per-user basis. To do so, open the Store, click/tap on your user icon at the top of the screen and click/tap Settings. Here, the App updates section is not grayed out and you can turn the selection for “Update apps automatically” on or off.

Previous Builds

Group policy is a mechanism for larger organizations to control a large number of registry settings – and thus the behavior – of any number of machines on a network domain How To Set Up A Network Domain How To Set Up A Network Domain Read More based on the user logged into the machine, the groups the user belongs to, and/or any groups that the machine belongs to. This offers an easier way to provide the proper operating environment for clerks in the warehouse, which is different from what the accountants in payroll see, and which differs from what the corporate executives use. It is part of Active Directory and was rolled out to the public with Windows 2000. There is also a local version that can be used on some editions of Windows, generally Professional and higher.

Group-Policy-Registry-Settings-Store
Previous builds during the development process included a setting in group policy to change the app update behavior machine-wide. It no longer exists in the release build nor are they included in the group policy administrative template files and reference spreadsheet released by Microsoft on July 30th.

I loaded the release build (10240) of both the Pro and Enterprise editions of Windows 10 into VirtualBox How To Use VirtualBox: User's Guide How To Use VirtualBox: User's Guide Learn to use VirtualBox. Get virtual computers up and running inside your computer, without having to buy any new hardware. Read More in order to find out if these settings were only removed from the Local Group Policy Editor, yet remained functional by manually editing the registry. In the image above, the top portion shows the group policy entries, while the bottom shows the values in the registry when both the automatic download and install of updates and the offer to update to the latest version of Windows options are turned off (enabled) under build 10041.

Manually entering the appropriate registry keys and values results in no change in behavior for the release version of Windows 10.

In Conclusion

Unfortunately, for Windows 10 Home users, if you wish to have control over your Store app updates your only recourse is to upgrade to the Professional edition which will impact your wallet. However, this behavior may also have a significant impact over how easily malware spreads through Windows systems connected to the Internet. Only time will tell how well Microsoft’s choice works out.

  1. B Senthil Kumaran
    November 19, 2016 at 7:44 pm

    Thanks a lot. It's much useful to all.

  2. B Senthil Kumaran
    November 19, 2016 at 7:43 pm

    Really useful one. Thanks a lot.

  3. DIYA
    October 10, 2016 at 8:57 am

    Hello,

    On my latest install of Windows 10 on my laptop, the background (borders) for movies that don't fill the whole screen is white when playing with the "Movies & TV" app in fullscreen mode. All of my other machines have a black background. I've upgraded to the latest version (all are the same on my laptops) but this one computer still shows white, any ideas?

    Thanks in advance.

  4. William Ameling
    August 6, 2016 at 1:22 am

    My problem is that the WindowsUpdate\Automatic App Update is preventing me from doing a power shutdown because Windows says that program is still running and I can not even get to it to tell it to shutdown. So I have to tell the power shut down manually to shut down anyway.

  5. Luxen
    March 4, 2016 at 11:37 am

    I absolutely hate not having an option to install or refuse an update, especially when I don't want an update. Skype? Don't care for it. Bing? I could care less. Why should I be forced to install this type of software when I don't want it? Or drivers or some features like updates for Microsoft Edge, etc.

    I would rather spend years on an unsupported version or move to a different OS altogether.

    • zvgfdg
      June 10, 2016 at 10:51 pm

      *I couldn't care less. "I could care less" means you do care to some degree.

  6. Snake Bite
    August 16, 2015 at 3:21 pm

    Disabling the "Windows Update" service does the trick to prevent automatic updates on windows 10 home.

    It is a piss poor decision to make mandatory updates without having some way for advanced users to disable them.

    Thankfully there will always be unofficial methods to force Windows to function how we want it to.

    • Bruce Epper
      August 16, 2015 at 5:21 pm

      Yup. You certainly can stop updates by disabling the service, but then you are stopping **all** updates including critical security updates which is another piss poor decision. A means to avoid a problem is not the same thing as a solution to the problem.

      So, are you suggesting W10H users manually search for all critical security updates daily to see if there is anything they need to manually download and apply to their system to close the holes being exploited by zero-days? Or do you think they are better off not getting those either which is what Microsoft's decision was trying to prevent?

      • Snake Bite
        September 1, 2015 at 8:12 pm

        I am suggesting that they should have an option for advanced users to choose when they wish to update, and what updates they wish to install.

        It's not hard to do, considering that is the way it works with previous versions of windows.

        IF I upgraded to windows 10...and at this point that is looking less likely every day... I will disable the windows update service...and go without ANY updates. I have done it in the past and have gone years between updates...with ZERO problems.

        No hacks, no malware, no problems.

        I am not saying that everybody should do that, but there should ALWAYS be an option to not have software try to make decisions for me.

        • Bruce Epper
          September 1, 2015 at 11:14 pm

          So, how will it be known you are an advanced user who knows how to avoid a lot of the traps that suck machines into botnets? Just take your word for it when you change the settings? So it will give us exactly the same environment that Microsoft wants to discourage - unpatched machines infected and incorporated into botnets wreaking havoc on every other machine on the web.

          Having the option would be very good from my perspective as an experienced user and technician, but a large number of Windows users don't know what the sane response would be regarding updating their system so Microsoft has simply taken out of everyone's hands.

        • Snake Bite
          September 2, 2015 at 10:32 am

          I wasn't suggesting that they make the option easy to find, just that there is an option.

          They can have it install on their recommended settings and leave it up to the advanced users to find after the installation is done.

        • Mihir Patkar
          September 2, 2015 at 6:59 am

          I do agree with Snake Bite here, Bruce. It's not an unreasonable request. I appreciate MS is trying to make it easier for non-techie folks, but it can't hurt to give an option to those who understand tech.

        • Bruce Epper
          September 2, 2015 at 11:05 am

          The whole problem with providing that type of option is keeping it available only to those who truly understand the potential impact.

          Everybody knows exactly what would happen if this was embedded in the system. One person would find it, document it, publish it and the world would have it twenty minutes later via a Google search.

          And I don't believe for a moment that Microsoft implemented these changes to "make it easier for non-techie folks". It is primarily meant to provide a more consistent platform for developers. As a side effect it also protects users and their fellow netizens from the consequences of unpatched systems.

          I do believe that they went too far by including Store apps in the Home edition and drivers in all editions. I have yet to see anything that constitutes a required update for a driver. And for the gaming and high-performance crowd, Microsoft's WHQL certification track for drivers just takes too long.

          By the time one driver gets through the process it has already been superseded by one or two newer versions that offer performance tweaks for the latest games. Gamers are likely to already have the latest video driver installed for their card but Windows 10 seems to enjoy rolling back to the last one to pass WHQL testing instead of just keeping the latest one already installed.

  7. Roccondil
    August 15, 2015 at 12:09 am

    The problem with automatic updates is that many of these updates require the computer to restart in order to finish installing them. And the updates are quite unexpected.

    Which means that anyone who regularly keeps programs running and use sleep mode when not using the computer are screwed if they have unsaved information when the OS automatically and without warning updates.

    • Bruce Epper
      September 1, 2015 at 11:06 pm

      The restarts are required because of how Microsoft chose to delineate kernel-space and user-space software. Overall system performance was a bigger factor in some of their design decisions rather than availability or up-time.

      It is not without warning and the reboot can be delayed up to 3 days. If you can't find the time to allow a reboot during the course of 72 hours, you should rethink the amount of work being done on that machine.

      • Roccondil
        September 3, 2015 at 3:50 am

        Yeah I wasn't saying that the restarts are stupid... we've had restart-required updates in pretty much all the OS versions.

        However, when I posted my comment, I believe Microsoft had not yet implemented that scheduling option. Since then I have seen the option (and the notifications that updates were imminent and which point to the option) to delay. It is definitely an improvement. Of course many would rather opt to indefinitely delay any updates they wanted, but for me this is an adequate solution.

  8. Nikolaj Knudsen
    August 14, 2015 at 2:40 pm

    ...., and/or change to flatrate.

  9. Nikolaj Knudsen
    August 14, 2015 at 2:28 pm

    Why on earth would you want to turn off automatic updates?

    • wallmartjoe
      August 14, 2015 at 2:34 pm

      Because I access internet through a mobile data plan and I need to control my bandwidth.

      • Bruce Epper
        August 14, 2015 at 6:12 pm

        In that case, you shouldn't want to disable the updates, just change the connection settings to 'Metered'. It will prevent all updates until you are on a non-metered connection. Just be aware that this will reduce the level of security of your system until you do get the appropriate security updates applied to your installation.

        • Snake Bite
          August 16, 2015 at 3:25 pm

          This doesn't work for people with bandwidth caps who connect via a wired connection.

    • Nikolaj Knudsen
      August 14, 2015 at 2:38 pm

      Set it to WiFi only.

    • likefun butnot
      August 15, 2015 at 1:07 pm

      I support 36 Windows computers in a lab setting with a 128kbps external network connection. The machines get reset periodically. The computers are on OEM rather than volume (Enterprise) Windows licensing, so they're on the Pro version of Windows. I already turned off Windows updates via Group Policy (which in my experimentation seems to be working), but since I really don't want to spend $2500 on a Windows Server license + CALs just so I can deploy a local Windows Updates Server and actually control updates and since I don't want all 36 of those machines re-downloading hundreds of megabytes of updates once a month, I'd rather just turn updates off and let them be.

      • Bruce Epper
        September 1, 2015 at 10:40 pm

        If you look at the advanced options under the Windows Update settings, you will find that you can restrict the Internet usage by allowing your computers to get the downloads from Microsoft and other machines on your network. Once you have the full set between all of your machines, it should stop looking at the Microsoft servers for the updates, i.e. they will only be downloaded once, not 36 times.

        • likefun butnot
          September 1, 2015 at 11:44 pm

          Because of the speed of the connection, the practical outcome of that would be that 36 machines each trying to download update #1, then 36 machines trying to download update #2. I can't rely on having a clean Windows 10 machine on the same LAN that already has the updates, so it's just as well to not bother at all.

          But as I said, the GPO method for disabling updates seems to have worked.

        • Bruce Epper
          September 2, 2015 at 11:16 am

          With Microsoft's objectives using a distributed model for downloading updates, it is unlikely that your outcome would happen. I am assuming (yeah, I know, bad word) that they thought about how this would work.

          The most likely course of action would be for Windows Update to first check with other machines on the local network to see if they have update X. If a local machine has the update, get it from there. If not, then check if another machine on the local network is currently downloading update X. If one is already downloading it, check for the next update that is needed. If not, then go and download it from the Internet/Microsoft depending on your update settings.

          The whole point was to not only reduce the load on the Microsoft Update servers, but to reduce the amount of data needed to pull all of the required updates onto other networks.

          When I get some time, I will need to set up a bunch of Win10 devices and a sniffer to test it, but I don't think I am too far off the mark.

  10. Alan Moore
    August 14, 2015 at 8:15 am

    I recently had the Pleasure!? of using a friends computer, he had had it for over 18 months it didn't have an anti virus running and it hadn't once received any Windows updates. Some people think its ok not to update their computer until of course it dies. It took several hours to install all the updates and then install a free anti virus.
    This is why windows update is now compulsory for the home edition.

    • Bruce Epper
      August 14, 2015 at 6:16 pm

      It is a compelling reason to force this on many users, but it is already causing problems for some users. There have already been patches released that have caused systems to fail to boot, enter boot loops, and install device drivers that are problematic on the system.

      I think Microsoft will have to back off on some of the forced updates, particularly drivers and possibly apps from the Store. There has been a great deal of backlash on both of those items.

      • Alan Moore
        August 15, 2015 at 1:46 am

        I am no IT professional so I wonder why this only affects some computers and not all. I will admit to having to roll back Win8.1 when my computer wouldn't connect to the internet. I have since upgraded again but mainly because I kept being nagged to upgrade lol

    • Snake Bite
      September 1, 2015 at 8:22 pm

      I am an IT professional. I would prefer to have the option to install or not to install. I would also like the option to set when to install.

      Windows updating while I am using my computer is a pain in the ass. It slows everything down, hogs my bandwidth and nags me to reboot my computer.

      At least with every version of windows prior to 10, I can set these options on my home version of windows. If Microsoft wants to give users the option of upgrading to pro instead of home I may upgrade.
      Since that is unlikely, I will not be upgrading to 10 anytime in the near future....or perhaps ever.

      Windows 7 still works fine for me (Windows vista does as well on my second machine. I have never had a problem with it).

Leave a Reply

Your email address will not be published. Required fields are marked *