I don't think you understand that you don't own Windows. You own a license to use it. If they want to force updates, they can and have done so in the past. Of course there's workarounds to stop updates but without those, your computer can be forced to update if it can contact Microsoft servers.

I'm sure their user agreement allows them to force updates when you agreed to use Windows upon first setup. To say that you own Windows is incorrect. I don't care what you do with it but Microsoft has the final say about their software.

What what would you say if auto manufacturers told you that you aren't allowed to drive your car unless you replace the spark plugs every 1,000 miles?

I'm sure the law, which can't be cancelled by any willy nilly user agreement, has something to say about it. According to that law, I do own my Windows and I can do pretty much anything I want with it it. You know why? Because I PAID for it... Heck, I can even sell you my Windows if you want it, even though Redmond Inc. is going to frustrate me in doing so.

You know what's about the only thing I legally can't do? I can't sell NEW copies of the thing, because the only thing I don't own is the COPYRIGHT to Windows.

It's not about ownership of windows, it is about the ownership of the hardware it runs upon. And, so long as I own the computer, I control what it is able to do, including updates. I don't dispute that the OS manufacturer should provide for security updates and would never hold MS or other operating system responsible for a user's choice to not keep apply the security update. But it is about ownership and controlling what one deems to be an acceptable risk.

Too many times an otherwise innocuous update brings along an incompatibility or other unintended consequences (like doing its update during a time sensitive operation) or causing a driver to no longer work. Heck, HP is getting even more of a reputation as their latest "updates" are causing their printers to refuse to operate without genuine HP ink/toner...that has nothing to do with security and I have, no doubt, that MS updates also embed hooks (e.g. Edge keeps reappearing). My most stable computers do not get frequent updates.

The same thing you'd do when projector manufacturers tell you to replace the air filters every 500 hours. If you want to preserve the warranty, do the planned maintenance that the terms and conditions of the warranty requires you to do. If the warranty has expired and/or you don't care, make your own informed decisions as to what maintenance you do, and when.

As Marcel notes, failing to update Windows, or actively taking steps to prevent Windows from updating, is not something that Microsoft can take any legal action against you for in most (if not all) jurisdictions. But there may be other implications. I read an article a couple of weeks ago (it was on the Crapple News app - can't find it from a quick search just now) that a school district in Minnesota had their insurance claim following a ransomware attack rejected, because they had failed to install software updates that would have prevented the malware from spreading through their LAN.

Steve's point specifically about Microsoft is well taken. In particular, more often than not after the monthly W11 update, you are forced to look through a sequence of screens trying to bully you into (a) making Edge your default browser, and (b) logging into a Microsoft cloud account, if you have booted into a local account. This kind of behavior will only encourage people to actively try to avoid updating their computers.

The dispute was about who owns and controls Windows and Darin stated that you only "own" a license and as such, that Microsoft essentially can do whatever they want with the software on your machine.

Microsoft applies different tiers and cost models to their licensing, you've got Home editions and the "Pro" editions. I'd like a "Mission Critical" desktop edition that can be used for exactly that: Mission critical stuff. This edition should be solely targeted at that specific usage scenario, also, those who maintain such systems, should know how to keep their environment secure. As such, it should allow for a more fine grained control of all the underlying update infrastructure. It should also be devoid of advertising, secretly redeploying stuff you'd previously removed and other adverse shit that has nothing to do with any mission critical environment.

How about one version and it having all of those features. I'm not giving you or MS a pass on it being able to do what it wants on my computer...no. It should only be able to do what I give it permission to do...that's it. It is never MS' computer.

My PC has been off for a few days and I did choose "shutdown" instead of "update and shutdown" for a while before that.

Tonight I got this:

updates.jpg

If I don't do anything, the update will happen outside of working hours. Which in my case will mean after midnight.

What I am trying to say is that MS are definitely pushing updates but they're trying to warn you with plenty of time. I did intentionally ignore all those warnings for a while so it feels fair that they've now stepped to the next level of harassment!

Leo,
I've recently been "bullied" by MS as THREE different screens appeared at boot advertising Windows 11 with a massive "UPDATE TO WINDOWS 11" and a very small "stay on windows 10" blended in the corner. That is bullshit and must stop.

Steve,
I politely disagree. If your computer is online and is not kept up to date, it could becomes an easy place for malware to live and spread around. So I fully understand MS' attitude here. If the PC is offline, then no updates or limitations happen. If you go online, MS try to make sure your PC is safe.

That being said, MS could offer two tiers of updates: the "critical updates only" and the "new features updates and all the crap" one.

In my case there was no warning at all that I ever saw.

Unless, perhaps, it put up the warning and then went ahead with its update when I wasn't there to see it. I crank up that computer and look at it when I start the move and again when the show is over, but otherwise it just sits there and if it did say something while the show was on I'd not see it.

Average Computer Joe(ette) is a slacker that will not take care of his/her computer and as such the machine will automatically become part of a botnet, spewing all kinds of crap all over the Internet. Sooner or later, all files on the system will end up being encrypted by some random ransomware.

Therefore I think it's perfectly fine that Microsoft provides a Slacker OS or Slacker Mode that keeps the system reasonably secure out of the box. But if you label your distribution with "Pro", "Enterprise" or "Datacenter", I expect to be in FULL CONTROL. As a professional services company you do know it's important to keep your infrastructure updated, separated from the public Internet, but you also need to provide some guaranteed availability towards your customers. Machines rebooting uncontrollably at random during production is therefore something completely unacceptable.

Also unacceptable are those forced updates and guerrilla marketing practices, like forcing people to upgrade their OS or like side-loading all kinds of crap you don't want. A nice example is Edge... imagine you provide a tightly controlled on-line environment via Firefox or Chrome and Microsoft starts pushing an "all-open" Edge. Not only are my customers getting annoyed by some new random icon popping up on their task bar, they're introducing a new, honking security hole at the same time.

The legality of it all can also be questioned: Simply installing a new application without my explicit consent (and maybe having clicked on YES on a 300000 page EULA I do not consider consent) on my hardware is borderline criminal and highly anti-competitive...

I am not 100% sure but I believe the "enterprise" version of Windows gives you many more tools than other versions. I've read some time ago of a business crying their Windows Home updated during working hours. "home", the clue is in the name

Let me be perfectly clear here: there is room for improvement for sure. However I found the recent changes since 2015's W10 pretty good. If you remember Windows used to basically re-install itself every 6 months, updates were pushed with no delays, no choice from the user. You'd regularly open your laptop to find the dreaded "windows is completing the update". There was no control whatsoever.
Recent changes relaxed things a lot. Updates must happen but they give you the option to perform them at a convenient time.

Amen! Every workstation at my place of work has a computer and a barcode scanner for logging into and out of work orders via the company's labor/job tracking system. I can't tell you how many times, when workers try to use the system, that the computer at a given workstation is caught in an update cycle and can't be used. It takes several minutes (or longer) for the update to complete. Then the computer has to be rebooted and the labor tracking application has to be restarted. Of course, it takes a supervisor to go around and turn each computer back on. In a busy shop, that can take any amount of time from minutes to hours, depending on the circumstance.

Basically, employees can't work and supervisors have to drop whatever they were doing in order to go around and restart all the workstations. In the mean time, you've got workers running around, going up and down rows, to find the one workstation which hasn't gone into update mode. It's FRUSTRATING!

Luckily, for me, I've worked there long enough that I am able to get the passwords needed to log back on but, because of ITAR (*) rules, passwords have to change every so often. That means that, even me, who has been trusted with only low level passwords, has to stop work in order to get what I need to do my job.

If the update borks a driver needed to operate the barcode scanner, even if I know the password, I STILL can't work until the drivers are fixed. Sometimes, you can unplug/replug the scanner (USB) then reboot the computer but that means you have to reboot the system TWICE. This just happened to me, last week. Even after two reboots, it still didn't work. I had to write up a maintenance request and submit it to IT which, of course, won't be acted upon for at least a day. All the while, I had to run around, bothering other people to let me use their computers so that I could do my job.

Don't try to tell me that the IT department should program updates to happen at night. I work the night shift. (For a 10% wage increase.) Even though updates are programmed to take place at night, it just happens to be in the middle of my work shift. No matter what time of day those updates were programmed to take place, they will interrupt somebody's work.

My God! If a computer that controls an automated production line goes into update mode, it could shut down a whole plant! (Which I have seen happen!)

* ITAR = "International Trade of Arms Regulations" The set of rules that govern contractors that do business in areas which fall under the umbrella of National Defense.

Interesting point. I've configured all my personal Windows machines with an auto update window of midnight to 6am, and the remote access PCs we install in theaters have an auto update window of 2am to 8am in the time zone in which they are installed (the thinking being that these hours are when a movie theater is least likely to be open, and therefore that access to the PC may be needed). Six hours is the minimum window that the OS lets you specify. The only issues we've had in recent years are the "bully screens" after an update delaying whoever first uses it for a minute or two, which take a minute or two to wade through and get rid of.

But if a Windows PC is being used in a three-shift production situation, and therefore are in use 24/7, there has to be a way to disable automatic updating completely. I have no problem with "Updates are available that patch critical vulnerabilities - your computer is at risk until you install them" messages appearing regularly, though.

ITAR strikes again! You have to install updates, regardless of the OS you're using. Don't care if it's Windoze or otherwise.

What's supposed to happen is that updates are received by some master server, somewhere...probably a server at Home Office (for our company, that would be in Texas)...which is then pushed to remote locations. I don't know exactly how or when that happens but I'm sure it does. Under ITAR, all software has to be vetted. What the actual vetting process, I don't know.

Usually, on a Wednesday night, computers on the production floor start popping up with "Update ME" messages. During that time, as updates are being pushed, the network starts slowing down. You go to log in or out of a job and your computer hangs. After, I don't know how long, your log-in may or may not go through. Up pops the dialogue box, asking you to update.

How many people, working in such a shop, do you think are going to accept the update, then and there? (Hint: That number is exactly equal to e^iπ +1.)

Then, after you get done haggling with Windoze, you have to check to see if your log-in request actually went through.
If you THOUGHT you logged out of a job before going home but, because of Windoze borking your request, if you don't check, you could, very well stay logged in to a job overnight. If it happens on a Friday, you would be logged in for the entire weekend.

How would you like to be the supervisor who has to spend his Monday morning, going through computer logs to find and correct any missed log-outs?

I am not 100% sure but if you get the ENTERPRISE version of Windows, then you do what you want (given you know how to use the available tools).

Still, if your production machine is on the internet, it would be wise to keep it up to date, in a controlled way of course. Disabling everything is only acceptable for offline machines IMHO (and those wouldn't update automatically anyways).