Adding Windows updates to an existing image

M

mrnike

New Member
Hi folks,
I followed Hellbovine "Optimized Image guide", added some personal tweaks just to realise that i had forgotten to include the latest updates. So, my question:

if I apply windows updates in NTLite to an optimized image, will i have to reapply all the settings ?
If yes, how should i proceed ?

1) Launch the untouched windows iso, add the os updates and finally re-apply the settings. Are they all saved in the .xml file or should i re-apply Hellbovine's .reg as well ? If yes, is there a specific order (reg and xml) ?

2) Update the existing optimized image and reapply the settings ?

Thanks

 
The FAQ section in my guide discusses Windows Update stuff. Some tweaks won't work anymore after installing updates, since things evolve over time in operating systems and require new approaches. Guides like mine target builds rather than entire releases of Windows, and then we stay on those snapshots until it's time to revamp everything again, which ideally would be annually.

If you want updates though, go ahead and do them however you see fit, by unpausing Windows Update or with the special update feature inside the NTLite tool. After either method, apply all the .reg files again by double-clicking on them, then reboot and you're good to go, albeit with some of the tweaks breaking and without any new tweaks present to disable unwanted features that were added later. Updates can also be integrated into an image, but the processing order matters, so read this guide (link) for information on that.

Using component removals rather than the registry approach has the same scenario to contend with, and the "Remove reinstalls" button in NTLite needs to be used with a preset, to have NTLite uninstall previously removed files that were installed again during the latest updates. This is why so many people pause/disable various updating and automation, because Microsoft constantly interferes with the purity of a custom image otherwise.
 
Last edited:
All right, thanks for your reply.
Actually i'm not interested in getting the latest crap of microsoft, just wanted to do the security updates, as i've decided to give up on ESET and use defender for my least valuable computers.
In that case, would even those (security) updates reset tweaks ?
 
Any update can reset any tweaks you make. Apply the latest updates, restart pc, apply tweaks and restart again, a pita maybe but thats what you have to do.
 
Someone more versed in the nuances of updates can give a better answer than me, but it's my understanding that Microsoft has gotten away from the approach used during the XP era when updates were more individual, and nowadays all the updates are generally mixed together and there's no more "selecting just security updates" or other concepts like that anymore.

I avoid the mess entirely and just use the latest ISO that is released every year, since it includes all updates already integrated up to that point in time. Perhaps LTSC and embedded operating systems are an exception, since they are supposed to only receive security updates, but I haven't investigated how that works yet on W10/W11, since it's not relevant to the masses as those licenses are expensive and difficult to acquire legally.
 
Last edited:
How many bogies have ms slipped in under the guise of "security" over the years? my guess is loads.
Forums are on the constant lookout for ms ----ery and once a bogey has been identified a fix usually follows soon after.

cu's v individual updates - my brain farts and leaves me flying solo at the though of building a new windows 7 or 8.1 capture, thought and planning has to go into it but to build a new w10 capture my brain says meh, i got this covered. Gimme CU's anyday.
 
Yeah, there are a lot of subreddits where IT guys complain about Windows Updates making their lives miserable, and websites dedicated to the topic too, such as AskWoody (link). The reality is that security has never been an issue for consumers, it's almost entirely click bait news articles that have caused the topic to be prominent over the years.

Anyone that grew up on early computers knows we didn't even get a firewall until XP SP2, and Defender during Windows 8, yet we all managed to survive. In fact, things got worse after security was added and performance started to become a huge problem for gamers, since things like DEP and Firewalls caused most games to malfunction.

I've been without a firewall or antivirus since DOS and never had an issue, as well as using XP on my main computer until December of 2021 without a single security problem, while playing games online too. Basic stuff like being behind a router and using an ad-blocker does most of the heavy lifting, and from there it's just common sense (don't visit shady sites). Reducing attack vectors in Windows helps too of course, by disabling things.

I realize that approach isn't for everyone, and my only point is that computers don't catch fire and melt the moment they are connected to the internet without a firewall/antivirus like Reddit says. Most people just don't know anything about computers and that's the real security vulnerability.
 
Last edited:
Hellbovine said:
my only point is that computers don't catch fire and melt the moment they are connected to the internet without a firewall/antivirus
Click to expand...
I do not trust any machine that has been connected to the internet.
My next planned build will be 2 machines, an offline windows pc and a debian machine for online work and the only way data will be transferred between the 2 will be optical media, not even a usb key shared between them.
 
All right, i'll then install only the defender updates and will apply all the tweaks after.
BTW, thanks a lot for the amazing work for your guide.

ClaMod Note - Edited to protect user privacy.
 
Last edited by a moderator:
Any LTSC key that costs less than a few hundred dollars is probably illegal. When purchased from Microsoft we have to buy 4 licenses in total, which means 1 LTSC, plus 3 others of any kind, else they refuse to sell LTSC. This costs around $300-400 at a minimum, the last time I checked.

There are websites out there that sell keys and are promoted by many computer/gaming YouTubers, but those sites are overseas and their operations are illegal. They are cheap, since they recycle keys over time (give the same key to multiple customers), among other shady tactics. Just be aware.
 
Last edited:
You must log in or register to reply here.
Back
Top