Block specific W11 Updates

Hi there,

Is anyone aware of a way to block specific updates in Windows 11. Currently I have a task scheduler automation running to disable the following updates after every successful Windows update event.

These updates are tied to Co-Pilot and is currently responsible for resetting my fan curves for my GPU and CPU after every restart. I know it sounds dumb but disabling them fixes the issue 100% of the time I've used it.
KB44774629
KB44776738
KB44850061
KB42105254
KB41655236

The cleaner solution would be to just block it from installing the first place because it tends to randomly reinstall itself for some reason.

I don't have those updates but then I have removed CoPilot. Also, they are not listed in Microsoft Update Catalog for manual download/install.

Berton said:

I don't have those updates but then I have removed CoPilot. Also, they are not listed in Microsoft Update Catalog for manual download/install.

Click to expand...

How were you able to achieve that? Every method I've tried so far to remove CoPilot failed. CoPilot just winds up reinstalling.

Scratch that, I found the below. Will test with the powershell commands for system level removal.
Uninstall or Reinstall Copilot app in Windows 11 and Windows 10
Completely Disable and Remove Copilot in Windows 11

WUA Manager

I use WAU Manager
It’s lightweight unobtrusive and simple to use.

After checking the small box at the top to allow WAU Manager to take over, checking the “Normal” option below it, you can click “Update Windows Now” and it will show you the available updates before proceeding. You can chose not to proceed or select updates to install.
It can also uninstall updates.

If you wanted to hide those updates, when they appear, check them then click the “hide Selected” button. (Bottom image)

Alternativly and what would make more sense, would be to use Brinks tutorials. (At least for CoPilot)

Also, CoPilot is an App now. Just uninstall it.

I'm rather skeptical. Why would W11 install these updates (other than if you had Office 2010 or 2016)?
I seriously doubt this patch list installs any Copilot updates. MS isn't adding Copilot back into End of Life Office products.


- KB44774629 - Security Update Office 2010
This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2020-0980.

Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.

---

- KB44776738 - Expired W10 1607 update (REMOVED)
As of 9/12/2023, KB5003638 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update.

---

- KB44850061 - .NET 3.5 Rollup for Server 2012
This security update resolves a vulnerability in Microsoft .NET Framework that may cause an information disclosure that allows bypassing Cross-origin Resource Sharing (CORS) configurations.

An attacker who successfully exploits the vulnerability could retrieve from a web application content that's normally restricted.
This security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass.

To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0545.

---

- KB42105254 - Security Update Word 2017 (Feb 2024)
This security update resolves a Microsoft Word remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2024-20673
• Microsoft Common Vulnerabilities and Exposures CVE-2024-21379

Note: To apply this security update, you must have the release version of Microsoft Word 2016 installed on the computer.

---

- KB41655236 - Security Update Excel 2016 (Feb 2024)
This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-20673.

Note: To apply this security update, you must have the release version of Excel 2016 installed on the computer.

Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home.

Where are you even getting patches with eight-digit KB numbers? The latest update for 24H2 is KB5050009, a seven-digit number.

pseymour said:

Where are you even getting patches with eight-digit KB numbers? The latest update for 24H2 is KB5050009, a seven-digit number.

Click to expand...

I've gotten the info from this thread on AMD forums. Re: Adrenaline resetting to defaults every reboot. I cant attest to what it is these updates are @garlin provided some more info regarding what exactly these updates are but the main point is just that it resolves my issue when I remove them.

garlin said:

I'm rather skeptical. Why would W11 install these updates (other than if you had Office 2010 or 2016)?
I seriously doubt this patch list installs any Copilot updates. MS isn't adding Copilot back into End of Life Office products.


- KB44774629 - Security Update Office 2010
This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2020-0980.

Note To apply this security update, you must have the release version of Service Pack 2 for Office 2010 installed on the computer.

---

- KB44776738 - Expired W10 1607 update (REMOVED)
As of 9/12/2023, KB5003638 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update.

---

- KB44850061 - .NET 3.5 Rollup for Server 2012
This security update resolves a vulnerability in Microsoft .NET Framework that may cause an information disclosure that allows bypassing Cross-origin Resource Sharing (CORS) configurations.

An attacker who successfully exploits the vulnerability could retrieve from a web application content that's normally restricted.
This security update addresses the vulnerability by enforcing CORS configuration to prevent its bypass.

To learn more about this vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0545.

---

- KB42105254 - Security Update Word 2017 (Feb 2024)
This security update resolves a Microsoft Word remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2024-20673
• Microsoft Common Vulnerabilities and Exposures CVE-2024-21379

Note: To apply this security update, you must have the release version of Microsoft Word 2016 installed on the computer.

---

- KB41655236 - Security Update Excel 2016 (Feb 2024)
This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-20673.

Note: To apply this security update, you must have the release version of Excel 2016 installed on the computer.

Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer (.msi)-based edition of Office 2016. It doesn't apply to the Office 2016 Click-to-Run editions, such as Microsoft Office 365 Home.

Click to expand...

It's what the post of where I got the information from says THE POST. It's actually perplexing how these updates could affect my AMD Adrenalin custom tuning but just by cause and effect alone when I remove these updates my configs persist through restarts and my issue is resolved. I would also wager that it's probably one of these updates that are causing the issue instead of all of them.

The most concern part is when it "resets" my tuning. It applies some random overclock with 100% voltage applied to my GPU when my actual overclock is also an undervolt.

You can see below using vivetool to check enablement status of the listed updates, they tend to just reinstall themselves randomly. I've removed them quite a bit of times now.

Hiding these updates wont do because if my understanding about the behaviour of hidden updates is correct when major feature updates occur there's a likelihood these updates will be present in those updates all the same.

The other idea is if specific updates like these are fetched from specific links I could block those instead of having to block wup domains on a network level.

I think I will create an AHK script that silently runs a powershell script to check if any of these updates are installed every 5 minutes and then proceeds to disable them. It's a subpar workaround but there just seems to be no way to "hardblock" specific updates from installing.

ViveTool allows you to manage Feature controls (Update ID's), which are not the same as Windows Update KB's.

A new Windows release, or a major/minor Feature Update (known in W11 speak as "Moments") will toggle different Update ID's as part of the planned upgrade to Windows.

• Some new features are already present in a Monthly Update, but stay hidden until a later date. ViveTool can sometimes allow you to enable them ahead of their official debut. Many Insider or Preview Builds take advantage of this feature, by shipping with multiple Update ID's already turned on.
  
  
• Some features can be disabled, reverting Windows to an older functionality. But MS can unexpectedly decide to remove the legacy code and kill the Update ID's ability to reverse the change. After that point there is no going backwards if you allow Windows to self-update.
  
  
• There isn't an official, complete list of Update ID's and their functions. A few unofficial lists are provided, but they don't normally explain what every named function does.
  
  
• The best way to research why a specific set of Update ID's is doing something good (or bad) is to search for "vivetool [ID] [ID] ...".

You can disable a hidden scheduled task which resyncs your current Update ID's from the Windows Update servers.