Saying no to patches

Topic

New Reply

ISSUE 22.03 • 2025-01-20 PATCH WATCH By Susan Bradley Both Apple and Microsoft are providing updates and options that are unnecessary. The good news f
[See the full post at: Saying no to patches]

Susan Bradley Patch Lady/Prudent patcher

10 users thanked author for this post.

abbodi86, rizzquery, jburk07, Nibbled To Death By Ducks, fisher75, Alex5723, Kevin, dataman1701, DLivesInTexas, Norio

Reply | Quote

Replies

According to Settings (Windows 11 Home) I have Device Encryption enabled but not Bitlocker. What protection does this actually give, if any? I also seem to have a BitLocker recovery key, but the device ID associated with it doesn’t match anything I can find on my PC.

Am I better off using a third-party disk encryption tool, such as VeraCrypt?

Thanks

Reply | Quote

KeithC wrote:

According to Settings (Windows 11 Home) I have Device Encryption enabled but not Bitlocker. What protection does this actually give, if any?

Device Encryption provides almost* the same protection as Bitlocker, but only for your System Drive (C:). So sensitive information (on that drive) is unavailable to others if your computer is lost or stolen.

(* same as default Bitlocker settings, but you can’t use a pre-boot PIN or startup USB flash drive for extra security with Device Encryption.)

KeithC wrote:

I also seem to have a BitLocker recovery key, but the device ID associated with it doesn’t match anything I can find on my PC.

A Key ID is provided with a Bitlocker key and is quoted if/when the recovery key is requested, just to confirm the appropriate key. Is that what you see rather than device ID?

KeithC wrote:

Am I better off using a third-party disk encryption tool, such as VeraCrypt?

No; unless you want encrypt something other than your C: drive.

Reply | Quote

On one computer, I got a “Time to Restart” pop-up. I went to Check for Updates and found that Win 11 24H2 had been activated and was now “Pending restart’, meaning I had no choice to delay it. I closed all open items and did the required re-start.

Fortunately, after doing a few things on that computer I can report that I found no problems.

To protect my other two computers I pushed updates off to 2.24.25.

Reply | Quote

If you’re presented with an unexpected update that’s Pending Restart, all you have to do is click on Pause Updates to cancel and remove it. If you wish to go back to Windows 10, you have about 10 days to roll back the Win11 update.

Reply | Quote

“installation of Outlook (new), which will replace the Windows mail client. Outlook (new) will install, and there is no way to proactively block the installation.”

Susan,  if one doesn’t have Windows mail client, can’t we just ignore installation of new Outlook?

Reply | Quote

That’s my understanding, yes.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

cmar6

Reply | Quote

Susan, thanks to you and the team for the updates about  the ugly changes to outlook.  I’ve added the registry entries published previously and at least I broke nothing.  If worst comes to worst, I can live with alternatives, but helping family member make that change will not be trivial…

1 user thanked author for this post.

Goldie Oldie

Reply | Quote

rbailin-

Are you telling me that I could have gotten rid of “Pending restart”, that Mcrosoft had not forced the update of 24H2? Tere was no indication that I had any choice, that no matter when I had to do a restart 24H2 would be installed. I find this hard to believe.

Reply | Quote

In your case I would install it, then within 10 days roll it back.  Then use incontrol to block it.

When the code is already installed and pending reboot it’s not easy to NOT install the update.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Here is an article about the forcing of 24H2:

https://www.theregister.com/2025/01/20/microsoft_to_force_windows_11/

“IT professionals around the world should gird their loins for the inevitable friends and family support calls when Windows 11 24H2 makes a surprise appearance, and uncle Fester is surprised that things have suddenly started working a little differently.”

1 user thanked author for this post.

Cybertooth

Reply | Quote

I am hoping that InControl will block 24H2.  If not, I have another plan.

Mark

Reply | Quote

Thank you, Susan.

First, I while I did not choose to install 24H2, I have found no difficulties with it.

Second, I do not know how to roll back an update.

As I said above, I have protected my other two computers by delaying updates for 5 weeks.

Reply | Quote

You can uninstall this update and go to the previous version by going to Settings > System > Recovery > Go Back.

To really protect your machines use Incontrol

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Yup, Susan is spot on! the quick method to staying on 23H2 is by
downloading and running InControl from GRC.
Once set to stay on 23H2, should prevent microsoft
sideswiping your system to 24H2.
Suitable for both W11 Home and (..for the lazy) Pro Editions.
Download with simple instructions: https://www.grc.com/incontrol.htm

Windows - commercial by definition and now function...

1 user thanked author for this post.

rizzquery

Reply | Quote

Bit Locker is off on my W10 24H2 pc. Do I need to worry about a key?

Reply | Quote

Nope. Off means “not encrypted”.
However, this might be misleading if you have Windows Home as MS call it “device encryption” in Home – BitLocker light?

Encryption is not usually on by default in W10. You can check with our BitLocker Checker.

cheers, Paul

Reply | Quote

Make that W10 22H2

Reply | Quote

Given all of the changes in the Jan 14 patches, the change that I noticed in last month’s update is probably minor, but I’ll post it anyway, in case it matters to anyone going forward.

I am Win 10/Pro 22H2. I did the Dec updates rather late – Jan 11, just a few days before the Jan 14 patches. About 5 days after that, I noticed that my Network Profile had changed from Private to Public. I haven’t kept an eye on this, but a search indicates that it happens more often with Win 11 than with Win 10 patches. For those who have an interest in this, you might want to check for changes in your Network Profile after installing the Jan updates (or for that matter, after any WU update). Also check your Advanced Sharing settings.

Check the Network Profile at Settings>Network & Internet > Status > Properties for Public vs Private.
Advanced sharing settings are at Control Panel > All Control Panel Items > Network and Sharing Center > Advanced sharing settings.

1 user thanked author for this post.

Cybertooth

Reply | Quote

Just a personal observation;

Over the decades, as Windows has grown in size, bloat and complexity, I never hear, anymore, two phrases that used to be quite common years ago across many technical disciplines and fields:

“Over-Engineered”, and “Over-Invented”.

The current design/marketing ethos seems to be to have your product as overloaded with unnecessary bloat right out of the box as possible. (Smartphones are a prime example of this.) Marketing seems to think, whatever it is, it has to wash the baby, feed the dog, roof the house, call the police, etc, etc.

A great deal of this thinking goes into “Patches”. “Hey,” you might find yourself asking, “What the **** is THIS, and how did it get here?” (Or as the old Talking Heads line went, “Oh, my God, what have I done?”)

When this old Win 7 boat I’m running goes down, I’m running Mint, if at all possible. Sorry, I like a clean, lean machine bereft of snoop ware.

/rant

Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

2 users thanked author for this post.

Cybertooth, Mothy

Reply | Quote

I have observed the same thing personally as well as in my IT career. I used to enjoy using and working on Windows systems. Now I only endure the bloated platform at work as part of the job.

Personally I’m free of Microsoft after switching to Linux Mint two years ago. It’s been such peace of mind and a joy to use a system/platform that shares my exact sentiment regarding my computer and what I expect from an operating system (from their website):

Home rule

It’s your computer, your rules. This is a key principle at Linux Mint. We don’t collect data, we don’t work against you. You’re the boss. Your operating system is designed to do what you want without getting in your way.

2 users thanked author for this post.

windbg, Cybertooth

Reply | Quote

Ironic, isn’t it, that the OS that IMHO is far superior to either macOS or Windows is free? Maybe the latter 2 OSs need to spend more time on their OS and less on scraping money from wallets.

1 user thanked author for this post.

Mothy

Reply | Quote

WCHS wrote:

check for changes in your Network Profile after installing the Jan updates

Windows 10 Pro 22H2 Jan. 2025 updates. Mine stayed as Private.

Reply | Quote

Hello!

I had to read the following three times before I was reasonably confident that I understood it.

In testing my older Windows 10 machines with the recovery partition problems, I hit — once again — 0x80070643. After installing the other .NET and security updates for the month, I tried a second time, attempting to install the update all by itself. I will — once again — recommend that anyone hitting this error with the updated patch use any of the BlockAPatch tools to block it. It gets one try to install — two at the most — and if it fails, it’s outta there.

I take it that the intended meaning is as follows. If one particular Windows update yields error #0x80070643, then one should try again – and then perhaps one final time – and if the update at issue continues to fail to install, then one should use the ‘BlockAPatch’ tool to block that update.

Reply | Quote

I just used wushowhide.diagcab tool and hid 24H2 from my Windows 11 pro updates.

However, when opening, I get a message that it is being removed by Microsoft. (screenshot attached)

So long as I have this downloaded and can run it, do I need to worry about not being able to unhide 24H2?

 

Reply | Quote

It shouldn’t be a problem but, if it becomes one, you can use InControl to prevent the upgrade to 24H2 (see post #2742977  in the W11 Home Edition Stay on 23H2 thread.)

Reply | Quote