Friday, November 21, 2014

permissions - Windows 10 update 1803 apparently revoked `net stop` and `sc config` access



Scenario:

Bandwidth on my network is scarce, so I've had a batch script linked on my desktop to terminate greedy services, Windows Update and Delivery Optimization being the worst and most frequent offenders. Before the most recent Windows 10 update, this tool worked fine, with the main commands in question being



NET stop "Windows Update"
NET stop "Delivery Optimization"
SC config DoSvc start= disabled
SC config wuauserv start= disabled



Attempts with cmd, Services, or resmon: Before, Windows would undo all the Startup Type changes, so the script was more of a temporary fix. Now, however, Access is Denied for all of these commands, even when the script is "Run as Administrator." Even if I start the Services utility as administrator, all the options to change Startup Type or to stop the services are greyed out. I have not checked whether I can terminate these services from the Resource Monitor utility. I have found that I can takeown and del arbitrary executables in System32, so if someone knows what the executables are for WU and DO that may work too.

Potential Solution via Registry: From this question I found that it may be possible to edit the Startup Type of these services in the registry. I've found that in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DoSvc and ~\wuauserv there is no Start DWORD registry as seen in the above question, but there are DWORD registries called Type in ~\%svc%\TriggerInfo for DoSvc and wuauserv. Would editing these Type registries have the desired effect? If not, what is the registry that would?

EDIT: I wasn't looking in the right registry folder (is that the right term?), I do indeed have a "Start" registry for DoSvc and wuauserv; I tip my hat to @harrymc for his skepticism. However, when I attempt to set (DoSvc or wuauserv)\Start to 4, I get Cannot edit Start: Error writing the value's new contents.



Windows 10 Home v. 1803

Answer



In Windows 10 Home v. 1809, build 17763.194, those services can be controlled from CMD on this PC, so perhaps upgrade to v. 1809 might help.



Another work-around is to use a third-party tool such as ShutUp10 or an alternative to control egregious network use, not only from Windows Update, but from telemetry, live tiles, Cortana, advertising push, unsolicited network access to maps, and so forth. Some of these tools have configuration files, enabling one to load alternative settings to turn on or off Update. Regrettably, this is not quite as straightforward as a batch file, but it does provide additional options to reduce network resources abuse.



ShutUp10 controlling Windows Update


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...