Kaseya Community

Windows Auto-Update Changes

  • Windows Automatic Updates is completely disabled across the board. I set up notifications to alert me when this option changes on a client machine. Over the course of a few weeks, I have found that randomly, machines go from disabled to either user controlled or fully enabled. I know GPO's are not causing this.

    Does anyone have a "best practices", or forensic way of fidning out WHAT caused the Windows Automatic Updates to be enabled?

    I'm starting to think WSUS or software installs are causing it. Some of it could be the few users with local admin rights.

    Legacy Forum Name: Windows Auto-Update Changes,
    Legacy Posted By Username: boostmr2
  • If you disable it, it greys it out in Control Panel, so it's not a user changing it unless they are doing it from the registry or local policy. WSUS won't do it, it requires a GPO to point the settings to the WSUS server. You might want to triple check your GPOs, because that's what causes it every time for me.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: mclark@outsourceitcorp.com
  • Some AV's will prompt users to re-enable too, I've seen it on versions of Norton. If a user were to get curious they might turn it back on through there.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: kroberts210
  • I have seen this before. A newly installed patch will change the settings on a workstation and override a patch tool's settings or revert the setting back to a default/previous setting. Regardless of the Group Policy. This does not happen often, but does occur. I have also seen Microsoft Documentation that states that this has happened. Search their Technet site.

    Legacy Forum Name: Patch Management,
    Legacy Posted By Username: BT4Denovo