Disable Windows Updates Detection via Policy?

Discussion in 'Other ESET Home Products' started by jeramy_t, Aug 12, 2009.

Thread Status:
Not open for further replies.
  1. jeramy_t

    jeramy_t Registered Member

    Joined:
    Aug 12, 2009
    Posts:
    22
  2. The Chez

    The Chez Registered Member

    Joined:
    Aug 8, 2009
    Posts:
    32
    I don't know your computing needs, but not updating systems is not a very good idea in the long run.

    If you have multiple machines, sign up for Microsoft's advance notice. This is for IT pros & advises the best ways to distribute updates throughout a network & on multiple computers. It also advises on how to minimalise disruption.

    Windows updates provide fixes for flaws in programs & the OS it's self that can let threats like Conficker & Blaster in.
     
  3. jeramy_t

    jeramy_t Registered Member

    Joined:
    Aug 12, 2009
    Posts:
    22
    We manage all of our desktops via group policy a WSUS. They are updated at 11pm after patches have been tested through a diffrent group to verify applications are not effected.

    The main issues that arise is every patch Tuesday, and the days untill the patches are approved, users flood the helpdesk with calls about their Icon being orange, we do like that our user call when their is a problem, but if they keep seeing this, they will stop calling and when an issue we dont detect comes up they will not call because they will be use to the icon changing color.
     
  4. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    I am not really familiar about the way policy manager work in ERA but I assume it also uses the configuration editor to change settings.

    On this - http://dl.getdropbox.com/u/349356/esetnoupdates.png - screen-shot you can see where it is located on the configuration editor in ERA.
     
  5. jeramy_t

    jeramy_t Registered Member

    Joined:
    Aug 12, 2009
    Posts:
    22
    AWSOME! they must have put that in wit an update because that option was not there before, and the response i recived from ESET said nothign about that.
    Thanks!
     
  6. Damon85

    Damon85 Registered Member

    Joined:
    Dec 11, 2007
    Posts:
    33
    I may be wrong here because the icons had already switched to orange when I enabled the feature, but turning it on did not seem to stop the icons from switching to orange when updates had not been installed and were missing, it only stopped a pop-up balloon from NOD32 warning that the system is "at risk" because updates hadn't been installed. I was able to confirm that the setting had gone into effect by inspecting the client's configuration.

    In any case, this "feature" doesn't seem very useful as it falls outside the realm of the AV software in my opinion. Most centrally managed business AV clients likely reside on networks where Windows updates are managed, more than likely centrally with something like WSUS. Having the AV software alert end users that updates aren't installed is simply alarmist and results in excess calls for help. This is also redundant with existing alerts coming from Windows itself about updates being needed.

    If it is true that the setting only stops NOD32 from actively alerting the user to missing updates, but doesn't prevent passive notification, this should be modified to disable the ability to monitor, detect, or alert (actively or passively) about the status of updates at the discretion of the administrator. I for one don't appreciate "nanny" software that second-guesses my decisions and causes end-users unnecessary worry as a result.
     
  7. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    If you set this option to "No Updates" it will turn off this feature completely, ie. no yellow systray warning and notification within the program. You might want to try a reboot after changing the option. Or if you don't want to reboot and still get a notification within the problem (after changing it no to), just click on the notification once and tell the window to update (It will just open win-upd. page in XP or Windows update console in Vista), then it should turn to green again and never return back yellow cause of missing updates.

    I agree it ain't much of a use in business environment cause administrator need to have control over such, but for home users it will help end users to alert for new updates and with that, protect them better against malware (which is the job of a AV).
     
Thread Status:
Not open for further replies.