Posted inExperience / Information Technology / Thank You Sir May I Have Another

Lousy Software Policies of Microsoft Windows 10

seasoned_geek by seasoned_geek
Lenovo M93p ThinkCentre front

Been a long time since I had Windows as a primary OS on any machine I cared about. I had forgotten Microsoft’s lousy software policies. Nobody could really forget the lousy software or why <ALT><CTRL><DEL> became ingrained in the mind of generations. You can forget the really bad design when you only let Windows run in a VM.

Well, one has to be more specific when talking about bad design and Microsoft. In this particular case it is forced updates with forced reboots. Microsoft ASS-U-MEs that it is the only OS on your machine and that it controls the boot sequence.

Silly Microsoft! Trix are for kids!

The Trix rabbit

What Happened?

I left the office last night with Windows 10 started and BOINC running. Yes, if you are reading in sequence this post is one day after my previous post. I came out to find a Ubuntu 20.04 LTS login screen. Even after applying all of those updates that got applied yesterday Microsoft decided to push out yet another update forcing a reboot.

Forced reboots are why many corporations don’t allow developers to run Microsoft operating systems as a primary on their desktop. This is especially true in the medical device world where you can leave a long build of Qt or CopperSpice from source running when you go home. Having the host OS reboot and take out the Linux VM running the build really jacks things up.

Microsoft Defensive Strategy #1 – Fix Grub

sudo nano -B /etc/default/grub
Grub configuration

You want to change GRUB_DEFAULT=0 to be GRUB_DEFAULT=saved. At the end you want to add GRUB_SAVEDEFAULT=true. Exit and save the file.

sudo update-grub

That will generate new Grub menu for boot. It tells Grub to default to whatever the last selection was. If you have ten different operating systems installed when some kind of power issue causes your system to reboot, it will reboot to the last chosen OS.

Microsoft Defensive Strategy #2 – Try to configure Windows properly

You can find Windows users complaining to Microsoft directly that this “automatic reboot feature is a cancer.” There are many really long winded less than effective “work arounds” listed on official forums. Most of them seem to center around completely removing the ability to restart. Not just removed for updates, your ability to restart gets disabled as well. There are even some advertisement pumping sites like this one with information that might have been right at some point.

Here’s what I did.

This only works for Windows Pro. You shouldn’t be using “Home” for work anyway. Especially not if you need to leave tasks running overnight or for days.

You have to start by hitting the “Windows Key” and R.

Windows key

Hold down the Windows key and hit R then release both. In the run box that pops up you need to type the following:

gpedit.msc

When that application starts go to full screen mode. On the left navigate your way down:

Computer Configuration
    Administrative Templates
       Windows Components
          Windows Update
Navigate to Windows Update on left side of screen
You will then see a lot of settings on the right side

What people tend to do here is look for a “one & done.” Microsoft deliberately made this difficult. If you try that approach as many have, you still end up with the occasional update reboot happening. I took a more deliberate and measured approach.

Turn off auto-restart for updates during active hours
You are limited to an 18 hour window for “active hours”
Configure auto-restart reminder notifications for updates
240 minutes is as high as you can go
Configure Automatic Updates

Most people miss this rather obvious step. You can limit the damage to one day per week or month here.

Update settings

I changed it to every Thursday at 7am. I also told it to install updates for other products because this machine had word pre-loaded. Some people can remember useless things so they can get buy with one week per month. I always get way to involved in a project and forget little things like “Hey, my PC is going to screw me on the third week of the month.”

If I’m changing settings at a client site, (some allow us to do that, some don’t) I tend to choose 11:30am on Friday. Why? I usually find someone to go get fish and chips with on Friday.

Allow Automatic Updates immediate installation
Automatic installation

If Microsoft does not lie to you, this should be enabled. Why not let them automatically install things that aren’t going to bounce the computer or take down a service?

Turn on recommended updates via Automatic Updates

Recommended updates is a double edged sword. You should get a better experience but you increase the chances of needing a reboot.

Be Careful Here

No auto-restart with logged on users for scheduled automatic updates installations

This is the one and only setting people tend to reach for. It is also the most misleading. Many things you want to leave running uninterrupted don’t require an active login. A good example would be backup software where you schedule a task. On this day at this time it backs up your computer whether you are logged in or not.

Enable this

You need to control this setting along with the day and time. You can’t avoid the reboot, but you can mitigate the damage. Just how good do you think your automatic backup is going to be if updates try to apply while it is running? How about when the computer reboots half way through?

Re-prompt for restart with scheduled installations
Enable this and set it to at least 60 minutes

What we are doing here is assuming some restart will slip through so make Microsoft drag a plow. You can keep postponing while you are there. This is one reason you probably want to set the day and time for when you will be in the office. Yes, it is annoying if there are a lot of updates to apply, but you can personally stop any significant damage.

Should look like this when done

Roland Hughes started his IT career in the early 1980s. He quickly became a consultant and president of Logikal Solutions, a software consulting firm specializing in OpenVMS application and C++/Qt touchscreen/embedded Linux development. Early in his career he became involved in what is now called cross platform development. Given the dearth of useful books on the subject he ventured into the world of professional author in 1995 writing the first of the "Zinc It!" book series for John Gordon Burke Publisher, Inc.

A decade later he released a massive (nearly 800 pages) tome "The Minimum You Need to Know to Be an OpenVMS Application Developer" which tried to encapsulate the essential skills gained over what was nearly a 20 year career at that point. From there "The Minimum You Need to Know" book series was born.

Three years later he wrote his first novel "Infinite Exposure" which got much notice from people involved in the banking and financial security worlds. Some of the attacks predicted in that book have since come to pass. While it was not originally intended to be a trilogy, it became the first book of "The Earth That Was" trilogy:
Infinite Exposure
Lesedi - The Greatest Lie Ever Told
John Smith - Last Known Survivor of the Microsoft Wars

When he is not consulting Roland Hughes posts about technology and sometimes politics on his blog. He also has regularly scheduled Sunday posts appearing on the Interesting Authors blog.