Windows (7/8) automatic updates – Drivers (network specific) - DISABLE?

Fulcrum29

Fulcrum29

Honorary Master
Joined
Jun 25, 2010
Messages
68,355
Reaction score
31,477
Location
At the arcade
Let me see if there are any smart IT folks around here.

I have numerous Windows PC’s in my environment which is not in any form of domain, only connected to their own network. The problem is that since a month ago certain PC network drivers is being updated automatically and then the driver fails horribly and must be rolled-back in order for the network of that PC’s to function. I cannot turn off Automatic updates and install in this environment, or else I would have done so. I know that you can stop devices (and printers) from being updated, but not network adapters.

Is there any way to stop specific drivers from updating automatically?

This is currently a worst case scenario for me, Microsoft own response for me is to wait for stable driver releases… Oh, and according to them the hardware I’m using is not yet Windows 8 compatible, but this happens on Windows 7 PC’s also and only after the update… Basically all Atheros drivers are being updated into Qualcomm drivers… then fails… I’ve been working with Computers and networks for years and have never been so frustrated by Microsoft.

Anyone with a solution regarding turning off specific driver updates? I do not want hear that I must enable only update downloads and disable automatic update install.

Strange though that the Windows Vista machines do not have these updates on the same hardware, plus the only Operating Systems working here are Win XP and Linux based regarding networks…
 
Last edited:
Roman4604 said:
Right click -> Hide on specific driver update in Windows Update.
Click to expand...

QFE. This is what I did for updates and new drivers that just totally trash everything for my customers.

However, you shouldn't be running Automatic updates in a SMB network or corporate environment - I never once recommended this because it causes more trouble than its worth. When I was in college I set up three different rigs for the IT admins to be guinea pigs for new updates rolled out by Microsoft because their auto-update policy would frequently cause issues with their custom software. Since they standardised on hardware across their network, installing the updates to these machines and then rolling them out once they were tested was a best practice I started for them, since you can identify issues and anticipate them if you know what to expect and why things go wrong. I usually stop updates for any machine I work on and only install service packs later on - its a much easier thing to test and automate and the chances of machines getting viruses, malware or hacks are very slim if you have enough of a defense in the form of a good AV and an active firewall.

If you ever set up an Active Directory with Server 2003/2008/2012, you can use Group Policy to automate certain update rollouts through a local update server, which will deliver updates to your clients, but only the ones you approve - the rest get blocked. This is the easiest and simplest way of standardising software across a network, including the fact that you can block all driver updates through the group policy as well - you can set it to only allow an admin to do it on a case-by-case basis with their password.
 
NAG - Wesley said:
QFE. This is what I did for updates and new drivers that just totally trash everything for my customers.

However, you shouldn't be running Automatic updates in a SMB network or corporate environment - I never once recommended this because it causes more trouble than its worth. When I was in college I set up three different rigs for the IT admins to be guinea pigs for new updates rolled out by Microsoft because their auto-update policy would frequently cause issues with their custom software. Since they standardised on hardware across their network, installing the updates to these machines and then rolling them out once they were tested was a best practice I started for them, since you can identify issues and anticipate them if you know what to expect and why things go wrong. I usually stop updates for any machine I work on and only install service packs later on - its a much easier thing to test and automate and the chances of machines getting viruses, malware or hacks are very slim if you have enough of a defense in the form of a good AV and an active firewall.

If you ever set up an Active Directory with Server 2003/2008/2012, you can use Group Policy to automate certain update rollouts through a local update server, which will deliver updates to your clients, but only the ones you approve - the rest get blocked. This is the easiest and simplest way of standardising software across a network, including the fact that you can block all driver updates through the group policy as well - you can set it to only allow an admin to do it on a case-by-case basis with their password.
Click to expand...

This is a no server environment, no active directory and no policies. Only one Windows workgroup with Linux machines on separate network. The agreement states that the machines must do automatic updates… That is why I started this thread. Though this is in my own network (separate from the company domain) environment, I do have client machines in between, which requires 24/7 internet connectivity…

Thanks @ Roman4604, your advice is good in home environments, where users do click away on all updates not knowing if any problems can arise.

Hiding the updates (driver specific) in Windows Updates does not prevent the drivers from being updated automatically.
I just got to a boiling point yesterday and I always find solutions, now I don’t…

This also happened in another network environment as discussed in other forums…

Should there have been Group Policies, this would not have been any issue.

ALSO, anybody with network problems, check your network adapter drivers…

Thanks @ NAG - Wesley, you are clued up. Although not the required solution, your advice is recommendable.
 
Well I have another idea: Disable the Windows Update service completely because its being so troublesome. So long as your antivirus gets regular updates and your firewalls are on, you should be fine. You can then always use service packs if they're available, or schedule for manual updates to be done by yourself only. You'll need to amend the service agreement or buy new network adapters because, you can reason, not doing so would affect business-critical workloads.
 
Last edited:
NAG - Wesley said:
Well I have another idea: Disable the Windows Update service completely because its being so troublesome. So long as your antivirus gets regular updates and your firewalls are on, you should be fine. You can then always use service packs if they're available, or schedule for manual updates to be done by yourself only. You'll need to amend the service agreement or buy new network adapters because, you can reason, not doing so would affect business-critical workloads.
Click to expand...

I have gone this route...

The whole purpose for this setup is actually for testing in a real business environment with process flows connected 24/7 online. Unfortunately, unforeseen problems such network adapter updates can happen, which did. Interesting though is that on my one DC Server, it also happened, but yes updates in my domain is not automatic, all rules and privileges so the server were running as normal. In regard to the service agreement, in this case automatic updates are necessary outside a domain, long story, but it has something to do with identification encryptions, Microsoft-based regarding Lync.

Would like to know if it this adapter updates to wrong drivers also occurred in other networks?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X