mirror of
https://github.com/ChrisTitusTech/winutil
synced 2026-02-04 15:00:09 +00:00
79ee9db8fe
* Update Invoke-WPFUpdatessecurity.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatessecurity.ps1 * Update Invoke-WPFUpdatessecurity.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatessecurity.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatessecurity.ps1 * Update Invoke-WPFUpdatessecurity.ps1 * Update Invoke-WPFUpdatesdisable.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdefault.ps1 * Update Invoke-WPFUpdatesdefault.ps1
48 lines
2.6 KiB
PowerShell
48 lines
2.6 KiB
PowerShell
function Invoke-WPFUpdatessecurity {
|
|
<#
|
|
|
|
.SYNOPSIS
|
|
Sets Windows Update to recommended settings
|
|
|
|
.DESCRIPTION
|
|
1. Disables driver offering through Windows Update
|
|
2. Disables Windows Update automatic restart
|
|
3. Sets Windows Update to Semi-Annual Channel (Targeted)
|
|
4. Defers feature updates for 365 days
|
|
5. Defers quality updates for 4 days
|
|
|
|
#>
|
|
|
|
Write-Host "Disabling driver offering through Windows Update..."
|
|
|
|
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" -Force
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" -Name "PreventDeviceMetadataFromNetwork" -Type DWord -Value 1
|
|
|
|
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Force
|
|
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DontPromptForWindowsUpdate" -Type DWord -Value 1
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DontSearchWindowsUpdate" -Type DWord -Value 1
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DriverUpdateWizardWuSearchEnabled" -Type DWord -Value 0
|
|
|
|
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" -Force
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" -Name "ExcludeWUDriversInQualityUpdate" -Type DWord -Value 1
|
|
|
|
Write-Host "Setting cumulative updates back by 1 year and security updates by 4 days"
|
|
|
|
New-Item -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Force
|
|
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "BranchReadinessLevel" -Type DWord -Value 20
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "DeferFeatureUpdatesPeriodInDays" -Type DWord -Value 365
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "DeferQualityUpdatesPeriodInDays" -Type DWord -Value 4
|
|
|
|
Write-Host "Disabling Windows Update automatic restart..."
|
|
|
|
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Force
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "NoAutoRebootWithLoggedOnUsers" -Type DWord -Value 1
|
|
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "AUPowerManagement" -Type DWord -Value 0
|
|
|
|
Write-Host "================================="
|
|
Write-Host "-- Updates Set to Recommended ---"
|
|
Write-Host "================================="
|
|
}
|