[German]Users repeatedly ask how updates can be blocked for installation under Windows 10 (Home and Pro). After all, Microsoft has removed this functionality from Windows 10. If there are problems, the updates install themselves again and again, until the problem is gotten, the update has been withdrawn by Microsoft or blocked by the user. With the Windows Update Manager by David Xanatos, however, there is a tool to specifically hide updates under Windows 10.
The problem: Hiding updates
img src=”https://vg01.met.vgwort.de/na/9a9ace42395d427a94620ea1beee2dda” width=”1″ height=”1″ alt=””>There are frequent cases in Windows where updates cause serious problems and have to be uninstalled. Or there is an installation error, so that the update fails. Then users are often faced with the problem that the update in question would have to be blocked. The options from Windows 7/8.1 to only download and install updates on demand have been removed from Windows 10 by Microsoft.
Updates just can be delayed
The option of these Windows versions to hide updates under Windows Update is also no longer available in Windows 10 with on-board tools. Only Windows 10 Enterprise offers the possibility to set these old options via group policies – but that does not help the majority of Windows 10 users. The same applies to the management of updates via WSUS, SCCM, Intune or similar management solutions that are used in corporate environments.
Advanced update options as of Windows 10 V1903
After the update hassle became too much, Microsoft has only provided its users with the option to delay update installations by a few days starting with Windows 10 V1903 (see screenshot above). And the option described in the articles Windows 10 May 2019 Update brings back Update control and Windows 10 V1903: The ‘broken’ defer update options, that optional updates have to be manually triggered by the user to download and install, doesn’t always work either – there are enough reports on the blog that after an update delay, the optional updates were installed without asking (Windows 10: User control of Windows Update – some inconsistencies?).
Microsoft withdraws WuShowHide
There was the tool wushowhide.diagcab from the Microsoft developers to block updates from install und hide them (see How to block Windows 10 updates and Fix: Windows 10 hangs in update installation loop). However, this approach has a flaw.
The description for blocking drivers and the references to wushowhide.diagcab are still available from Microsoft under KB3073930. However, anyone who tries to download the wushowhide.diagcab file runs into an error 404. Microsoft has simply removed the download from its servers.
There are still 3rd party sites offering an download. But I would not trust such offers. I also remember reading a note that wushowhide.diagcab no longer works reliably with newer Windows 10 builds (but this was contradicted by patch lady Susan Bradley on askwoody.com).
Use Windows Update Manager (WuMgr).
From blog reader David Xanatos (that’s a nick), however, there’s Windows Update Manager (WuMgr), which provides features for the update management on Windows 10 – including Home versions. The tool now operates under a new name, Windows Update Manager (WuMgr), and is available for free download on GitHub. David explains the difference to Windows Update MiniTool like this: WuMgr was inspired by WU MiniTool, but relies on .NET instead of C/C++ and is open source. All you need to do is download the archive file and unzip it. Then WuMgr can be started directly from the exe file – no installation is required. The tool requests the necessary administrator rights via the user account control and logs in with the following interface (an English edition is also available).
Windows Update Manager (WuMgr), Click to zoom
Using the tool is quite simple: in the left column, various options are displayed in the lower area. The right column lists updates found (installed, pending). Update packages can be marked via checkboxes. Then the updates can be managed via the icons in the left column.
- The first button on the left enables an update search.
- The second button from Links enables the download of an update package.
- The third button from Links enables the installation of an update package.
- The fourth button of links allows uninstalling an update package
- The fifth button from the left (crossed out eye) allows to hide an update package.
The last button from the left opens the relevant support page for the update marked by the checkbox. The buttons at the top of the left column can be used to access Windows Update, installed updates, hidden updates and the update history. Hidden updates can thus be listed, selected and then unselected via the button with the eye. On askwoody.com there is a more detailed tutorial.
At this point, however, two remarks – I have been in exchange with David Xanatos for a long time. There was/is the Update Manager for Windows also as an App in the Microsoft Store. But here I have noticed that Microsoft has blocked app updates before. Was not a safe bank in the past.
Furthermore, the Win32 program file wumgr.exe suffers from the problem that a DLL hijacking is possible. In other words, if the .exe file is started, it searches for certain DLLs in the program folder by default. If a malware succeeds in copying DLL files with the same name (as the Windows DLL counterparts) to the folder of the Win32 program file wumgr.exe, these DLLs would be loaded. Since the tool requests administrative privileges, the malware DLLs also gain administrative privileges.
I have been in contact with David regarding this since 2019 with no resolution. According to David’s feedback, the dependencies that lead to DLL hijacking are directly caused by Microsoft’s .NET libraries and he has not found a way to change this loading order to force access to the Windows folders. Whether the option doesn’t exist, I can’t say.
That was the reason why I didn’t introduce David’s WuMgr further here in the blog until now. David had once suggested building an .exe installer to get around the problem. But that doesn’t really solve the DLL hijacking problem, as there is still the vulnerability during the installation. David does not seem to be able to build an .msi installer.
Currently, there are two strategies for users to mitigate the DLL hijacking issue somewhat. Copy the unzipped files to a separate folder that does not contain any other files. Then, with a glance at this folder, it is possible to detect if DLLs copied by a malware suddenly appear there. Furthermore, the write permissions to this folder could be revoked for the default account used. Then the malware would no longer have the ability to copy files to the folder with the WuMgr. With that, I’ll conclude the article – you have the knowledge about the WuMgr and also know about the potential risks.
Potential errors in the Windows update database – Part 1
Potential errors in the Windows update database – Part 2
Windows 10: User control of Windows Update – some inconsistencies?
Windows 10 V1903: The ‘broken’ defer update options
How to block Windows 10 updates
Potentielle Fehler in der Windows-Update-Datenbank – Teil 1
Potentielle Fehler in der Windows-Update-Datenbank – Teil 2
Windows 10 V2004: Defer Feature Update removed
Windows 10: Find out the reason for blocked feature updates
Cookies helps to fund this blog: Cookie settings