Sulla strada per Windows 10: problemi con aggiornamenti forzati e KB 3073930

We now know for sure that Windows 10 build 10240 — and presumably the final version of Windows 10 — will force updates on Windows 10 Home and Windows 10 Pro PCs that aren’t connected to a patching server. That said, Microsoft has provided certain tricks you can use to block specific patches after-the-fact. In my experience, some of the tricks work, others don’t.

In passato, Microsoft ha tracciato una netta distinzione tra patch di sicurezza e altri aggiornamenti di vario tipo. Ad esempio, l'elenco di servizi di aggiornamento software all'indirizzoKB 894199 puts “security content” and “non-security content” in completely separate sections.

In the final stretches of the build 10240 beta, though, that distinction has been thrown to the wind; the five “Security Updates for Microsoft Windows” all include patches to build 10240 itself. I can’t find details about any of the patches in KB 3074663, 3074661, 3074665, 3074667, or 3074674 — we just have to take Microsoft’s word for it.

Resta da vedere se la fusione di patch di sicurezza e non di sicurezza è una soluzione permanente o semplicemente un matrimonio di convenienza beta. Ma la mancanza di distinzione è preoccupante.

I set out to see how Microsoft’s patch blocking program, wushowhide.diagcab, works. You can get your own copy at KB 307930. La descrizione dice:

In rari casi, un driver o specifico aggiornamento potrebbe causare temporaneamente problemi con il dispositivo, e in questo caso sarà necessario un modo per evitare che il driver della problematica o l'aggiornamento di reinstallare automaticamente la prossima volta che sono installati gli aggiornamenti di Windows ... Se un driver o aggiornare vengono offerti sta causando arresti anomali del sistema o instabilità e Windows funzionava correttamente prima di tale aggiornamento, è possibile seguire queste istruzioni per impedire l'installazione del driver o dell'aggiornamento indesiderato.

Using wushowhide is a two-step process. First you have to remove the driver (right-click Start, choose Device Manager, right-click the bad driver, and choose Uninstall) or uninstall the patch (Start > Settings > Update & security > Advanced options > View your update history > Uninstall updates > pick the bad patch and click Uninstall). Second — before you reboot — you need to run wushowhide.diagcab and follow the old-fashioned Troubleshooter (Windows 7 veterans will remember it well) to find and check the box next to the driver or patch you just uninstalled, in order to “hide” it.

Once you’ve removed and hidden the patch or driver, reboot your system, and it shouldn’t darken your doorstep again in the future — at least, that’s the theory. The practice is a little different.

I started by removing the oldest security patch on my system, KB 3074663. Before running wushowhide, I rebooted. When Windows 10 came back up for air, KB 3074663 was nowhere to be found — it didn’t appear after clicking on Check for updates, and when I went into Uninstall updates, it wasn’t there either. I’m still looking, and can’t find KB 3074663 anywhere, except at the bottom of the “View your update history” list.

There’s no way I can find to manually install KB 3074663, either. The KB article says:

Questo aggiornamento è disponibile tramite Windows Update. Quando si attiva l'aggiornamento automatico, questo aggiornamento verrà scaricato e installato automaticamente. Per ulteriori informazioni su come attivare l'aggiornamento automatico, vedereRicevi automaticamente gli aggiornamenti di sicurezza.

Which is wrong in so many different ways that it’s hard to list them all.

Arrivederci, KB 3074663. Lo sapevamo a malapena.

Imperterrito, ho provato a rimuovere la patch più recente, KB 3074674, che è uscita nelle prime ore di questa mattina. Questa volta, ha funzionato come previsto: disinstallare la patch, don’t reboot, run wushowhide, hide the patch, and it stays hidden through various attempts to check for updates. Run wushowhide again, uncheck the hidden patch, reboot, and it appears when you click “Check for updates”.

This morning I also received a Synaptics driver update for the Synaptics SMBus driver. I went to Device Manager, uninstalled the driver… and never found it again. Running wushowhide doesn’t list the driver. Rebooting and clicking “Check for updates” doesn’t find it either. Windows 10 isn’t like Windows 8 or 7 (or Vista or XP or 98): There’s no list of patches to choose from. Like Charlie sulla MTA, the Synaptics driver’s no doubt riding forever ‘neath the streets of Boston.

Again, there’s no way I can find to manually install it.

Morale della storia: disinstallare i driver e le patch a proprio rischio.

Also note that wushowhide only works after the fact: You can’t pre-emptively tell wushowhide to block certain patches or certain groups of patches. You have to get stung first, then block a specific patch that has been manually uninstalled.

I’m told there’s a way to roll back patches in the Windows 10 boot sequence, but I can’t get it to work for specific patches. If any of you has a pointer to the method, hit me in the comments. (t/h YB)

It’s unclear how/if wushowhide interacts with Microsoft’s old Windows Server Update Services or the new Windows Update for Business (WUB), which nobody I know has seen as yet. Rod Trent su Windows ITPro pubblicato un articolo su Windows 10 che appare ora negli elenchi WSUS, ma sembra che ci siano pochissime informazioni (al contrario di presentazioni fantasiose e descrizioni contorte) sulle patch 10 di Windows per l'azienda.

Also worth noting, the five patches to Windows 10 build 10240 are all marked as security patches and thus are supposed to bypass the Fast ring/Slow ring/Home cannon fodder vetting process. It looks like we’re going to get security patches immediately, although there’s no firm description about how WUB will handle them. Presumably WSUS admins will be able to delay them, as always.

Una settimana per andare.

Lascia un Commento

Questo sito utilizza Akismet per ridurre lo spam. Scopri come vengono elaborati i dati dei tuoi commenti.