Page 1 of 1

Win7 telemetry and other bull*

PostPosted: 23.06.2017, 21:47
by Pamela
Hello in here.

I have up to now only used WSUS for new installations, but since M$ obviously will not stop trying to infect my compters, I have completely disabled updates on all pc's since they started with the roll-up madness.
I would therefore like to use WSUS for security patches, if I can be sure that the dirty stuff from M$ is not included.
I have searched this forum several times to see if a solution have been found to filter the updates. I know that I can select "security updates only" but that is probably not enough to avoid the M$ spy/malware.
All topics about this seems to end without a conclution.
I therefore hope that someone will take time to explain me what I should do, and if there actually is a way to prevent M$ from infecting my Win7 computers (Other than keep updates disabled).

Re: Win7 telemetry and other bull*

PostPosted: 24.06.2017, 01:26
by aker
I'd suggest you to user wsusou's SecOnly-mode ("User security only updates instead of quality rollups"). Just tick the box in UpdateGenerator and UpdateInstaller and you should be on the safe side. MS currently did not put any telemetry updates (except for the rollups) into wsusscn2.cab, but that might change in the future (even if I don't think so).

Re: Win7 telemetry and other bull*

PostPosted: 24.06.2017, 12:55
by Pamela
Thank you, Aker.

They did hide Win10 malware in KB 3139929, but if you tell me they have not done it since that, I will give it a try although I have lost any trust in this former so great company.

Re: Win7 telemetry and other bull*

PostPosted: 24.06.2017, 20:05
by boco
You're not alone. Windows 10 would be a much greater success without forced updates and Telemetry shit.

Just note that Security-only updates are meant for corporations*, a user group MS will be shy to piss off (hopefully). So they are clean, for now. Also, they aren't cumulative, so you need all of them.

*That's the reason those SecOnly patches aren't available from Windows Update, normal users should normally not use it.

Re: Win7 telemetry and other bull*

PostPosted: 24.06.2017, 21:15
by Pamela
Thank you for the reassuring words, Boco.

What about IE, .net ect. Can I apply security patches on those without getting infected?

Re: Win7 telemetry and other bull*

PostPosted: 25.06.2017, 00:02
by boco
The Cumulative Security Update for IE11 is currently safe. For .NET, WOU installs the respective SecOnly packages exactly like for Windows, the checkbox in the GUI applies to both.

In case you despise Telemetry, the main update to avoid at all cost is KB2952664. There are several updates adding Telemetry points to various components of the system, however, they do nothing without the main update (the "engine" of the Telemetry car, so to speak). Of course, that's only valid for Windows components, many MS software programs can spy on their own (Defender, OneDrive, Skype etc.).

Re: Win7 telemetry and other bull*

PostPosted: 25.06.2017, 11:13
by Pamela
So, IE updates are cumulative?
Does this mean there is no security updates only?

My pc's are completely free of any telemetry/Win10upgrade spyware/malware and it has been a big job to keep them so.
Since M$ became totally unserious, I have gradually moved away from their software (Office ect.) and have now only Win7 and MSE left, and only use IE for special tasks.
I use MSE because all other AV programs makes more harm than a virus.
Windows 7 will be my last M$ product unless they magically get back on a serious track.
I will now try to read about how to exclude certain updates in WSUS, since I have never done this before.

Thank you for all the help.

Re: Win7 telemetry and other bull*

PostPosted: 25.06.2017, 23:27
by boco
Yep, "Cumulative Security Update for IE11" is all there is. So far, it contains only security updates for IE11.
MSE does spy, too, at least by default.

Re: Win7 telemetry and other bull*

PostPosted: 29.06.2017, 13:15
by jonas