If you like to drink from a poisoned fire hydrant, make sure Windows Update is enabled. But if you're at least a little skeptical about Windows patches, here are some easy steps to set up and see if your door is locked in front of wolves. Yes, you'll have to patch it then. No, you don't have to be slavishly taking whatever is given the task. I have seen several verified reports that Microsoft is now providing "seekers" with a new revised version of the Win10 update September-October-November-December 2018, version 1809.
Double, double, toil and trouble.
Fire burn and cauldron bubble.
(John Williams song for Halloween, used in Harry Potter)
Can we try it first?
If you no longer want to expose your machine to witch treatment, there are some quick and easy steps you should take to ensure that your machine withstands the attack of a Patch Tuesday.
Blocking automatic updates for Win7 and 8.1
People often forget that Windows 7 originally came with the auto-update feature turned off by default. It was left to the user to manually turn on automatic updating. We've come a long way.
If you are using Windows 7 or 8.1, Click Start> Control Panel> System and Security. In Windows Update, click the "Turn automatic updating on or off" link. Click the "Change Settings" link on the left. Set "Important Updates" to "Never check for updates (not recommended)" and press OK.
Blocking auto-update on Win10 Pro
If you are using Win10 Pro (or Education) version 1709, 1803, or 1809, I recommend the update blocking technique recommended by Microsoft for "Broad Release" in my vague Build 10 employment instructions - which is intended for administrators but also for you.
Step 1. Using the administrative account, press Start> Settings> Update & Security.
Step 2. On the left, select Windows Update. Click the advanced options link on the right. You see the settings on the screen.
Step 3. To get out of beta testing (or, as Microsoft would say, to move to a readiness level that is appropriate for widespread use in organizations), in the first box, select Semi-Annual Channel.
Step 4. To further delay new versions until they are minimally tested, set the feature update parameter to 120 days or more. This prompts Windows Updater (provided that Microsoft does not make another "mistake", as has been the case many times before) that it should wait 120 days after the new version is announced that it is ready for wide deployment and only then execute upgrade and reinstall windows.
Step 5. To postpone cumulative updates, set the "quality update" to 15 days or something. ("Quality update" = Cumulative Update = Bug Fix.) In my experience, Microsoft usually pulls out poor cumulative Win10 updates within a couple of weeks. If you set this to 10 or 15 or 20 days, Win10 will update after the main screams have subsided and (with some luck) the bad cumulative updates are pulled or reissued.
Step 6. Exit the settings pane only with "X". You do not need to save anything explicitly.
Step 7. Do not press Check for updates. Never.
If there is any real horror - months when the cumulative updates were irreversibly bad, and never got better, as it was in July this year - we will let you know, clearly and loudly.
Getting old access for Windows 10 Home
This is how things are with Windows 10 Home. Microsoft believes that Home clients are allowed to be exploited. Indeed the Win10 edition should be called Guinea Pig. Microsoft does not hesitate to impose new, untested (perhaps it should say "not quite thoroughly tested") updates and upgrades to Windows 10 Home machines.
This is not a mistake or overlook. Win10 Home users are by design an extended Microsoft power for beta-plus testing. Cannon meat. It's unscrupulous, and it's been that way since day one. According to SusanBradley: "Every version of Windows should enable disposal and pausing updates. ... Microsoft, your customers deserve better than this."
If you upgrade to the Pro Win10 is not possible - and I sympathize with you if you do not want to pay another $ 100 to Microsoft for something that should be standard - the only other option is to set your internet connection to metered. Measured links a temporary blocking plugin updates, which seems to help avoid cumulative updates, but as far as I can see, Microsoft has yet to be officially approved as a prophylaxis for cumulative updates.
To set your Ethernet connection to be measured: Click Start> Settings> Network & Internet. On the left side, select Ethernet. On the right, press your Ethernet connection. Then move the Metered connection slider to On.
To set your Wi-Fi connection to be measured: Press Start> Settings> Network & Internet. Select Wi-Fi on the left. Press your Wi-Fi connection on the right. Move the Metered connection slider to On.
If you set your internet connection to measure, you need to carefully monitor how the moon goes and evaluate when it's safe to let the devils out the door. At that point, turn off "metered" and just let your machine update. Do not click Check for updates.
If you really decided to block updates at all costs, check out Michael Horowitz's "Killing Windows Update on Windows 10" forum - cheat list.
PS: The latest Patch Tuesday: It was December 13, 2018, and consisted of 67 individual security updates, which fixed 39 issues in Microsoft Windows and other Microsoft software. Next Tuesday for patches will be January 8, 2019.