Is Windows 7 updates necessary?

Community Forums/Developer Stations/Is Windows 7 updates necessary?

popcade(Posted 2017) [#1]
The latest Windows 7 convenience rollup adds about 2GB to my current Windows 7 SP1 installation, but actually I can't feel any improvements. And that doesn't bring any speed or stability change for my current setup, just wasting the space of my SSD, oh, and it brings a strange explorer.exe crash when shutting down.

So I installed another copy Win7 and only applies "Security Monthly Quality Rollup for Windows 7 SP1" that include only critical security fixes, and disabled Windows Update. It seems to work well enough, and still working with VS2015 etc.

Is there some very important updates I really have to install except security and runtimes?


RemiD(Posted 2017) [#2]
I have done the test on one of my computer where i have formatted the hard disk and resintalled windows 7 without any updates and desactivated the auto update functionality, of course i have the firewall setup correctly, an antivirus, an antimalware.
After several month (maybe more than a year), everything works well and the processor is often quiet because there are no annoying updates downloaded/installed in the background...
I had to install "directx runtime" because there was a missing dll, but that's about it.


Ian Thompson(Posted 2017) [#3]
Same here, nothing past SP1, just keep my drivers up to date manually via the various manufacturers websites. Has been fine now for years.


RustyKristi(Posted 2017) [#4]
Do not update.


xlsior(Posted 2017) [#5]
Just keep in mind: ANY security fix that you skip potentially enables others to break in and do whatever they want to your computer and data.

Do you really want to take the risk?


Kryzon(Posted 2017) [#6]
Read the description of the updates.
Most of the security fixes are for obscure stuff only IT people are concerned about, stuff that home users won't come accross.

I skip updates.


xlsior(Posted 2017) [#7]
Most of the security fixes are for obscure stuff only IT people are concerned about, stuff that home users won't come accross.


Just because the average home user doesn't know what a buffer overflow is, doesn't mean that they aren't at risk if the image loader library in their web browser contains one which may potentially be exploited by a malicious website (which unfortunately sometimes includes seemingly innocent bannerads on legit mainstream websites)

If security updates really didn't matter, MS wouldn't waste their time and money creating them, would they? IT people are concerned about them FOR A REASON.

If there is a KNOWN security hole that's being actively exploited, why on earth would you not install the fix that closes it?


RemiD(Posted 2017) [#8]
The problem with auto updates is that many updates are useless and unnecessary for a personal computer just used to run a few common programs/games and to browse on the interweb.

Don't be stupid, install the (few) critical updates (which are important to prevent any hacking of the os), you can find lists on the web which describes what each update is about.
But don't be stupid, don't install all updates if you don't know if it is really useful/beneficial, or not... Why would you ?


xlsior(Posted 2017) [#9]
But don't be stupid, don't install all updates if you don't know if it is really useful/beneficial, or not... Why would you ?


Unfortunately, Microsoft changed their update strategy last month -- they no longer release individual updates, but roll them all together into cumulative monthly packs now. The advantage is that you no longer have to download hundreds of updates after an OS reinstall, the monthly update should contain (almost) everything before it as well now.

However, that also means that you can no longer pick-and-choose which ones you wish to install or skip. It's smarter to install all of them than it is to install NONE of them.


RemiD(Posted 2017) [#10]
When i cared about that (summer 2015) it was possible to download each update individually and even install it without using the windows update tool ("KB blahblah") is it not possible to find the important ones online anymore ?


Matty(Posted 2017) [#11]
I use my phone for almost all online communications/internet - my PC doesn't run windows update and hasn't done so for a few years but then it is rarely connected to the internet and when it is it is for a specific purpose to upload or download a particular file to a location typically.


Steve Elliott(Posted 2017) [#12]
So you basically know f*ck all about Windows lol ;) Why even answer? We're all looking for an OS that is perfect for all needs, but we're not there yet!

Linux is the best bet because there are no egos or commercial pressures...Yet it still remains the choice of no more than web servers!

It is so very easy to critisize, but every OS has a fault.


Hotcakes(Posted 2017) [#13]
The advantage is that you no longer have to download hundreds of updates after an OS reinstall,

Not true. They're only bundling recent updates together, they haven't bundled all the previous 200+. Installing a fresh copy of Win7SP1 and running Windows Updates now takes a week (two on AMD) of continuous uptime to finish.


Henri(Posted 2017) [#14]
You can speed up the Win7 update process significantly by manually installing some (2 ?) specific updates.

-Henri


Hotcakes(Posted 2017) [#15]
Those suffer a similar problem, unless you disconnect from the internet, for some reason.


Henri(Posted 2017) [#16]
You are right. Windows automatic update needs to be turned off temporarily for it to work.

-Henri


EOF(Posted 2017) [#17]
What I can't understand is why all these thousands of security holes exist? Surely by the time MS reach Windows 7 they should have learned about many of the exploits applied to past products? Each release always claims to be the MOST SECURE EVVVAAAR yet you still get a metric tonne load of updates to due to more compromises and security risks. Windows must be like a colander with 12000 plasters patching up the holes.

Even the Windows 10 update method is fustrating. I can't stand the "Your PC will restart several times" stupidity. Now you have to wait 40 mins while the bloody thing is faffing around crawling through its archaic update process.

It kind of reminds me of a dodgy car repair shop, where all you need is a replacement spark plug yet the mechanic will claim, "ohh, thats a complete strip down. Its gonna take me at LEAST 3 days to sort it".


EdzUp MkII(Posted 2017) [#18]
the main claims for most secure ever is simply there is one less hole than previous versions at time of launch. If there are thousands it doesn't inspire confidence but is a good sales gimmick.

Windows has always had major security issues which has always been there, for me it was always the Linux Boot windows cd which when booted from you could remove the administration password allowing full access to all accounts on the system and that is just one exploit in a sea of millions.

Don't worry most of the other OS's have had issue's in the past as well as governments require certain ways in for "monitoring terrorism" etc. Who remember's the OSX file:/// which would kill it dead and linux's grub issues.

Ya want a secure OS write Ya own ;)


Winni(Posted 2017) [#19]
Gents, the least secure commercial OS out there, according to all hacker/black hat conventions, is macOS. It's the platform that always takes the least time to get hacked.

"Linux" is also only as secure as the software stack that you run on it. If you run Apache on your precious Linux kernel, or BIND, or an FTP daemon, then don't expect any security miracles anymore.

So you think booting a Linux Live CD on an existing Windows machine is an "exploit"? Huh? You have PHYSICAL access to the server, boot another OS on it and OVERWRITE existing files and configs? You call this an EXPLOIT? Really, you should look up the definition of security exploits. What do you think a Linux Live CD can do to an existing Linux installation? Or what do you think a macOS USB stick will do to an existing macOS installation once you fire up a shell and use your root privileges?

Why do "all these thousands of security holes exist"? Because Windows is a compilation of thousands of subsystems, written by imperfect humans in a shitty language called C, that's why. Out of the box, Windows has BY FAR the greatest feature set of all available operating systems -- it beats the crap out of macOS, and it ALSO beats the shit out of any Linux desktop installation. Yes, you can install a myriad of features on Linux, but the key phrase was "OUT OF THE BOX". Windows comes with a load of features pre-installed and pre-configured that most people don't even know exist, but that make the system so flexible, powerful and, yes, even comfortable. But that complexity also opens the door for additional vulnerabilities.


Linux is the best bet because there are no egos or commercial pressures..


That's a good one. I bet the developers at Microsoft (who committed more changes to the Linux kernel in recent years than ALL other developers together), Oracle, IBM, Red Hat and Canonical might have an entirely different perspective. "Linux" is an industry worth billions of dollars. Unlike everything people want to believe, "Linux" is NOT being developed by "enthusiasts", volunteers and hobbyists, but by developers hired by corporations following corporate agendas.

And as for the egos... The lady that developed the orginal USB 3 stack for Linux left the Linux kernel community because she couldn't handle the rude egos of her peers anymore and Linus himself is notorious for his extremely rude posts.

So let's just drop the romantic glasses. Linux might be Open Source and even "Free" software, but it definitely is also an industrial product like everything else. In most cases, you just don't have to put money on the table for a license in order to start using it. (The TCO for Linux, in my experience, is an entirely different topic and it actually is NOT cheaper to use Linux throughout the lifetime of a project than it is to run Windows.)

Ya want a secure OS write Ya own ;)


There is no such thing in a networked world anymore. Even if the OS itself might be relatively secure, the packets that you send over the network are open for anybody to read and manipulate - even if they are encrypted.


markcw(Posted 2017) [#20]
To answer the OP, I doubt it. I don't have auto update on and here's why.

After reinstalling Win 7 recently I found it was too slow booting when auto update was on but you need it on until SP1 is installed as the install process won't work with it off. I found you have to install all updates straight away or SP1 will not install properly and auto update stops working (I had to uninstall SP1 then install all other updates before reinstalling SP1). I also found Skype loading on startup was a major resource hog, when testing videos in the browser.

While I like Windows 7, it is cursed by the horde of malware out there. Even a simple search in Google resulted in some javascript exploit bringing my browser to a halt and forcing me to do a system restore, which is a great tool that saved me reinstalling a few times (so don't listen to the people who tell you to switch it off to improve performance). I don't bother with antivirus as they are all resource hogs (although free Avast would be my choice if I did) and I only visit trusted sites in Windows now. For Google searches I use Mac or Linux as I've never had any issues browsing with them.