Open SoftwareGuy opened 8 years ago
It does seem to break Windows Update entirely, which is it's own security hole.
I have a suspicion that the firewall rules are mostly unhelpful for the phone-home behaviour since they're hard-coded.
It doesn't disable the Windows Update service, but I can no longer check for updates after running it.
I ran the Windows Update troubleshooter and you can see what (little) it has to say here:
Good to know. We need to be more transparent about what exactly this kit does, if it's going to break Windows Update then this is a gaping hole and the author might get a lot of flak because "I used your kit and I got hacked!", etc.
I can confirm on Windows 7 that I edited the script to NOT block the hosts via route
commands, and everything else seems to be OK. Windows Update seems to be working alright and no other ill side-effects.
Windows 7 here on 2 computers, it works perfectly fine but I did had to go back to Windows Update and install the "Windows Update Software" because I still want the new security updates that will be released in the future. Then I also had to click the check for updates a few times and hide unwanted windows update because the script doesn't hide all of the updates that it uninstall.
I removed host blocking from main script. Now hosts2.bat blocks hosts through firewall.
As far as I know, all targeted updates get hidden with this script, no issues. If you know what's stopping windows updates, let me know, I'll fix it.
If some are not being hidden, please say which ones. Think some KB's shouldn't be blocked? feel free to elaborate, and say why. I'm open to any changes and critiques.
@WindowsLies it could be the fact that you block fe2.update.microsoft.com.akadns.net, sls.update.microsoft.com.akadns.net, and their non-akadns.net counterparts.
Disabled those addresses in hosts2.bat. Will it update now?
It worked absolutely fine here on 4 different Windows 7 computers. Update still functions. Outlook email can still be accessed. As Zurd notes, it's worth double checking that the updates specified in the batch file are indeed hidden next time you run Update. Oh look. some FUD in the issues page... I wonder why
Any update that has multiple releases under same KB article is not hidden by the script. It reports update as hidden, and indeed there's at least one version of it hidden already, but new (older) version will emerge to take place of the hidden update.
Okay, I see some issues here:
route
command only block the OS-level communication? If you access websites via Chrome for example, it'll work fine?That's pretty much the major questions I have. Cheers!