- Thread Author
-
- #1
Abbreviations
W10 = Initial Release Windows 10 (v15xx
W10AU = Windows 10 Anniversary Update (v16xx
W10CU = Windows 10 Creators Update (v17xx
W10A8 = Windows 10 April 2018 Update (v18xx
WUP = Windows Update
Resources
AskWoody.com
########
Microsoft is at it again, trying to force-feed us the latest version of Windows. Updates KB4056254 + KB4023057 were re-released in June/July (2018) after first appearing in February. These two co-related updates are: Windows Update "Facilitator" and Update Assistant(V2). At the end of this post you will find a list of the files, services and scheduled tasks installed by the Feb updates -- I'm not sure of June/July details.
Together, these two updates are responsible for the annoying (and sometimes fatal) full-screen popup that interrupts what you are doing and tells you you MUST upgrade. By fatal I am referring to what happened in February when some users were FORCED to upgrade with no way to cancel.
February: these two updates, if installed, nagged the user to upgrade to W10CU v1709 and so should have appeared only if you were on v15xx, v16xx or v1703. Unfortunately, this invasive popup sometimes ignored the user's settings and started force installing! Microsoft soon after admitted this was 'human error' on their part.
June/July: I have no firsthand knowledge of this iteration because I have blocked both updates and plan to keep them blocked for the near future. My guess is their purpose is to force-feed us W10A8 v1803.
=> Why Have This "Facilitator"?
Here is Microsoft's stated purpose for the Facilitation Service:
"This update includes files and resources to address issues affecting background update processes in the Windows Update servicing stack. Maintaining Window Update service health and performance helps ensure that quality updates are installed seamlessly on your device and help to improve the reliability and security of devices running Windows 10."
I don't believe for a minute that it has anything to do with improving WUP; it's sole purpose is to nag you until you upgrade. FLASH: On 12 July 2018 AskWoody reported: KB 4023057 — an "update reliability" patch for older Win10 versions — has appeared again. Unless you want Microsoft to push you to a new version of Windows, you don’t need or want it — it only shuffles more telemetry data off to Microsoft.
=> How The "Facilitator" Works
It is important to note that once KB4056254 and KB4023057 are installed, they cannot be uninstalled.
The "Facilitator" is made up of three basic components
1. osrss Service
This System Service has the name "OS Remediation System Service". The service cannot be deleted, Disabled or even Stopped! It will always show Running, but does nothing if the UpdateAssistant Tasks are disabled.
2. UpdateAssistant
This is an executable which is invoked by the scheduled Tasks. By all accounts, this pops up the invasive window that tells you if you DON'T install the updates, life as you know it will end. To make things even worse, you can't do anything until this popup is dismissed. Hopefully, you will have a 'Skip' option which will do just that!
I believe UpdateAssistant can be uninstalled via Control Panel but will be re-installed by Microsoft. The only way to control it is by disabling the Tasks that invoke it.
3. UpdateAssistant Tasks
As of the February drop, there are four tasks that invoke UpdateAssistant at various times. All four Tasks (which are listed at the end of this post) must be !Disabled! Fortunately, so far Microsoft has not re-enabled these Tasks behind our backs. Let's hope this continues!
=> How to Avoid Installing These Updates
You probably installed these updates back in February. And, you got at least KB4056254 in June unless, if you're like me, you blocked them. In the off chance you haven't installed them, see my article:
How To REALLY Block Windows 10 Updates and Upgrades
If you have installed one or both of these updates, your only recourse is to disable the *four* Scheduled Tasks. Note: There were 4 tasks in the February drop; June/July may be different. Be sure and Disable any Task having a name starting with 'UpdateAssistant'.
############
Associated with these evil updates:
file=>C:\Windows\UpdateAssistant\UpdateAssistant.exe -access denied-
file=>C:\Windows\UpdateAssistantV2\UpdateAssistant.exe
service=>osrss "OS Remediation System Service"
Task Scheduler Library > Microsoft > Windows > Update Orchestrator
task=>UpdateAssistant
task=>UpdateAssistantAllUsersRun
task=>UpdateAssistantCalendarRun
task=>UpdateAssistantWakeupRun
W10 = Initial Release Windows 10 (v15xx
W10AU = Windows 10 Anniversary Update (v16xx
W10CU = Windows 10 Creators Update (v17xx
W10A8 = Windows 10 April 2018 Update (v18xx
WUP = Windows Update
Resources
AskWoody.com
########
Microsoft is at it again, trying to force-feed us the latest version of Windows. Updates KB4056254 + KB4023057 were re-released in June/July (2018) after first appearing in February. These two co-related updates are: Windows Update "Facilitator" and Update Assistant(V2). At the end of this post you will find a list of the files, services and scheduled tasks installed by the Feb updates -- I'm not sure of June/July details.
Together, these two updates are responsible for the annoying (and sometimes fatal) full-screen popup that interrupts what you are doing and tells you you MUST upgrade. By fatal I am referring to what happened in February when some users were FORCED to upgrade with no way to cancel.
February: these two updates, if installed, nagged the user to upgrade to W10CU v1709 and so should have appeared only if you were on v15xx, v16xx or v1703. Unfortunately, this invasive popup sometimes ignored the user's settings and started force installing! Microsoft soon after admitted this was 'human error' on their part.
June/July: I have no firsthand knowledge of this iteration because I have blocked both updates and plan to keep them blocked for the near future. My guess is their purpose is to force-feed us W10A8 v1803.
=> Why Have This "Facilitator"?
Here is Microsoft's stated purpose for the Facilitation Service:
"This update includes files and resources to address issues affecting background update processes in the Windows Update servicing stack. Maintaining Window Update service health and performance helps ensure that quality updates are installed seamlessly on your device and help to improve the reliability and security of devices running Windows 10."
I don't believe for a minute that it has anything to do with improving WUP; it's sole purpose is to nag you until you upgrade. FLASH: On 12 July 2018 AskWoody reported: KB 4023057 — an "update reliability" patch for older Win10 versions — has appeared again. Unless you want Microsoft to push you to a new version of Windows, you don’t need or want it — it only shuffles more telemetry data off to Microsoft.
=> How The "Facilitator" Works
It is important to note that once KB4056254 and KB4023057 are installed, they cannot be uninstalled.
The "Facilitator" is made up of three basic components
1. osrss Service
This System Service has the name "OS Remediation System Service". The service cannot be deleted, Disabled or even Stopped! It will always show Running, but does nothing if the UpdateAssistant Tasks are disabled.
2. UpdateAssistant
This is an executable which is invoked by the scheduled Tasks. By all accounts, this pops up the invasive window that tells you if you DON'T install the updates, life as you know it will end. To make things even worse, you can't do anything until this popup is dismissed. Hopefully, you will have a 'Skip' option which will do just that!
I believe UpdateAssistant can be uninstalled via Control Panel but will be re-installed by Microsoft. The only way to control it is by disabling the Tasks that invoke it.
3. UpdateAssistant Tasks
As of the February drop, there are four tasks that invoke UpdateAssistant at various times. All four Tasks (which are listed at the end of this post) must be !Disabled! Fortunately, so far Microsoft has not re-enabled these Tasks behind our backs. Let's hope this continues!
=> How to Avoid Installing These Updates
You probably installed these updates back in February. And, you got at least KB4056254 in June unless, if you're like me, you blocked them. In the off chance you haven't installed them, see my article:
How To REALLY Block Windows 10 Updates and Upgrades
If you have installed one or both of these updates, your only recourse is to disable the *four* Scheduled Tasks. Note: There were 4 tasks in the February drop; June/July may be different. Be sure and Disable any Task having a name starting with 'UpdateAssistant'.
############
Associated with these evil updates:
file=>C:\Windows\UpdateAssistant\UpdateAssistant.exe -access denied-
file=>C:\Windows\UpdateAssistantV2\UpdateAssistant.exe
service=>osrss "OS Remediation System Service"
Task Scheduler Library > Microsoft > Windows > Update Orchestrator
task=>UpdateAssistant
task=>UpdateAssistantAllUsersRun
task=>UpdateAssistantCalendarRun
task=>UpdateAssistantWakeupRun
- Joined
- Jul 4, 2015
- Messages
- 8,998
Updates the most simple and free way to protect your device, your data and the rest of the Internet from malicious activity.
Poor patch management (Ex: disabling updates) is one of the top reasons for device compromise. Any security engineer will tell you this is probably one of the dumbest things you can do.
Poor patch management (Ex: disabling updates) is one of the top reasons for device compromise. Any security engineer will tell you this is probably one of the dumbest things you can do.
- Thread Author
-
- #3
NO IT IS NOT DUMB! It is smart to block worthless updates that are not updates, in this case "updates" that want to force you to upgrade when you don't want to. If not me, listen to AskWoody:
On 12 July 2018 AskWoody reported: KB 4023057 — an "update reliability" patch for older Win10 versions — has appeared again. Unless you want Microsoft to push you to a new version of Windows, you don’t need or want it — it only shuffles more telemetry data off to Microsoft.
- Joined
- Jul 4, 2015
- Messages
- 8,998
Just a few examples
How & Why You Need To Install That Security Patch
5 Important Reasons Why you need Patch Management
The Importance of General Software Updates and Patches
What Are Security Patches and Why Are They Important? - Identity Theft Resource Center
15+ Experts Explain Why Software Patching is Key for Your Online Security
Link Removed
5 Reasons Why You Need Good Patch Management
How & Why You Need To Install That Security Patch
5 Important Reasons Why you need Patch Management
The Importance of General Software Updates and Patches
What Are Security Patches and Why Are They Important? - Identity Theft Resource Center
15+ Experts Explain Why Software Patching is Key for Your Online Security
Link Removed
5 Reasons Why You Need Good Patch Management
- Thread Author
-
- #7
####
I'LL SAY IT AGAIN AS SOME ARE NOT LISTENING
KB4056254 and KB4023057 are **NOT** Security Patches
THEIR PURPOSE IS TO FORCE YOU TO UPGRADE TO THE LATEST VERSION OF WINDOWS. HAS NOTHING TO DO WITH SECURITY.
- Joined
- Jul 22, 2005
- Messages
- 9,242
Microsoft is moving away from "Delta Updates" (cumulative updates) to "Express Updates" that use differential updates, depending on the build/file versions, to mitigate the problem of the cumulative updates getting bigger and bigger over time. There is a great article about this Link Removed. Patching Windows Update components can be considered a security update if it facilitates the delivery of future updates that mitigate serious threats. These threats are not just published by Microsoft, but other major corporations and governmental institutions like US-CERT.
If your concern is forced obsolescence, by design, being built into Windows, that has been going on for years. They overdid it with nag screens to upgrade to Windows versions, people complained, and they released optional patches to prevent the upgrade. But ultimately, they do have a time table to phase out updates for earlier versions of Windows. In particular, they are phasing out security updates for prior versions of Windows 10 because these are older builds of the same operating system, which I would estimate, require a very careful and arduous process of maintaining security updates compatible with every single build.
I would suggest re-evaluating why you are so fearful of future updates, especially if they streamline the update process or do not directly have an impact on you financially. If the updates are being distributed for free, and increase the stability of the Windows kernel and its various components, I don't see a problem. I'd also advise against blocking updates for most users, as you are only opening up your machine to potential security risks in the future.
- Thread Author
-
- #10
People are way misinterpreting what I am saying in this post.
@Mike says: "I would suggest re-evaluating why you are so fearful of future updates ...". I don't know how many times I have to say this: I am not fearful of updates and I apply all Cumulative Updates when safe to do so. In other words, I am generally at the latest Build# within a month of its release.
I am however fearful of two things
1. buggy updates (security or otherwise) that break Windows
Microsoft has recently confirmed that this month’s (July 2018) update rollout includes a botched patch that breaks .NET Framework and apps, and Windows 10 devices are affected as well.
=> for example Cumulative Update KB4345420 for Fall Creators Update (version 1709)
2. updates that are **NOT** security updates
KB4056254/KB4023057 (Windows Update "Facilitator" and Update Asst V2) are **NOT** Security Updates; their sole purpose is to force you to upgrade Windows. NO ONE has any reason to install them. Unfortunately most people will. If you don't want to be hounded, Disable the Scheduled Tasks detailed in this post.
@Mike says: "I would suggest re-evaluating why you are so fearful of future updates ...". I don't know how many times I have to say this: I am not fearful of updates and I apply all Cumulative Updates when safe to do so. In other words, I am generally at the latest Build# within a month of its release.
I am however fearful of two things
1. buggy updates (security or otherwise) that break Windows
Microsoft has recently confirmed that this month’s (July 2018) update rollout includes a botched patch that breaks .NET Framework and apps, and Windows 10 devices are affected as well.
=> for example Cumulative Update KB4345420 for Fall Creators Update (version 1709)
2. updates that are **NOT** security updates
KB4056254/KB4023057 (Windows Update "Facilitator" and Update Asst V2) are **NOT** Security Updates; their sole purpose is to force you to upgrade Windows. NO ONE has any reason to install them. Unfortunately most people will. If you don't want to be hounded, Disable the Scheduled Tasks detailed in this post.
- Joined
- Feb 5, 2009
- Messages
- 1,706
The only one misinterpreting anything here is you @terrym. Microsoft is not an evil entity. Windows is the most widely used operating system on Earth. Therefore they receive a constant barrage of threats from evil entities that are trying to rip people off. Keeping the O/S updated to the latest version is the first line of defense against them.
@Neemobeer , @Mike and Microsoft are far more trustworthy than AskWoody.com.
@Neemobeer , @Mike and Microsoft are far more trustworthy than AskWoody.com.
I do not see your point or your point misleading. It is nonsense to become an evil for the sake of against evils. Windows does neigher need to be the most popular nor force users to obey to their updates (it is users' devices, not theirs, have some common sense please!). In fact, their updates commonly introduce more problems, frustration and ignoring exper users who know how to gear up themsevlves.
Don't be lack of sense of software security because if you were a true expert, you should know the fundamental safety only be obtained by the user her/himself, the behaviour and awareness that they understand what the software means, NOT software itself of any gimmick, commercial or legal 'ripping off'/control users.
Last edited:
AvenocturnO
New Member
- Joined
- Mar 11, 2020
- Messages
- 1
I feel as you feel. I like a lot MS systems, i do like Linux based ones & OS X too, each of them are really usefull tools in different moments & ways, but there's no one single "honest right" to force nobody to nothing, we've paid for the system, not for let the system take actions over our will. I'm in the way to disable "Osrss" as soon as i know how. Later, several .cmd's could be made to really start or stop system's upgrade. When i'm working, usually not less than 15hs. each day, i need my WHOLE machine helping me, not even a single resource doing his will as an intruder. Win 10 is a nice system, but i'll not be co-ruled by him, i'm his owner.
Similar threads
- Article
- Article
- Article
- Article