FAQ: How to manage Windows 10 updates

If you've spent years mastering the ins and outs of Windows Update, prepare to do some unlearning. Windows 10, with its emphasis on "Windows as a service," rewrites almost all the rules of updates and upgrades. Here's what you need to know.

With Windows 10, Microsoft has completely rewritten the Windows Update rulebook. For expert users and IT pros accustomed to having fine-grained control over the update process, these changes might seem wrenching and even draconian.

You can't pick and choose which updates to install? There's no option to delay updates on PCs running Windows 10 Home? Welcome to Windows as a service.

ed bott

Take control of your privacy in Windows 10

Where do you draw the line on personal privacy? The right options are different for everyone.

Read More

The new update rules are designed to solve some nagging problems in the PC ecosystem. For example, if every user can choose some updates and reject others, the number of potential configurations approaches infinity; Microsoft argues that all those untested variations make effective quality assurance much more difficult.

Likewise, Microsoft's generous 10-year support lifecycle has enabled fragmentation in the installed base: Over the past decade, Microsoft's engineering staff might be supporting as many as five major versions at the same time. In a world where security challenges arrive at breakneck speed, that stretches support resources to the breaking point.

Other Windows 10 FAQs in this series:

And thus a new approach to Windows Update, whose goals are to have the majority of Windows users fully patched at all times, with only a few versions to support and an installed base that is mostly running one of the two most recent versions.

This FAQ covers the details you need to know.

What kind of updates are available for Windows 10?

Microsoft provides two types of update packages for Windows 10:

  • Feature updates are the equivalent of what used to be called version upgrades. They include new features and require a multi-gigabyte download and a full setup. Each version update gets a major version number that corresponds to its date of release, in the yymm format, as well as a build number that identifies it. Version 1607, for example, was finalized in July 2016 and is identified as build 14393. Microsoft's intent is to deliver Windows 10 feature updates two to three times a year.
  • Quality updates address security and reliability issues and do not include new features. These updates are cumulative, and they increment the minor version number after the major version number. The January 2017 cumulative update for version 1607, for example, is 14393.693. Even if you skip several months' worth of updates, you can install the latest cumulative update and you will be completely up to date.

All security and reliability updates are included in a cumulative update and cannot be selected or rejected individually. That's a major change from previous versions.

Besides these cumulative updates, you might see servicing stack updates delivered separately. These update packages fix issues in the code that Windows 10 uses to scan for and process updates. Security updates for Adobe Flash Player and definition updates for Windows Defender are also delivered separately.

Hardware drivers and firmware updates can be delivered through Windows Update. Typically, these packages are provided only when the driver fixes a bug that causes instability on targeted systems.

How are updates delivered in Windows 10?

For consumers and small businesses, both quality and feature updates are delivered via Windows Update. Organizations can use internal update management solutions, such as Windows Server Update Services, to distribute updates to computers on a corporate network.

Feature updates are delivered according to servicing branches. By default, all Windows 10 computers are enrolled in the Current Branch, in which updates are delivered via Windows Update shortly after they're released by Microsoft. (Because of the enormous number of machines that receive Windows updates, Microsoft "throttles" update delivery to manage the load on its servers. As a result, it may take weeks or even months for a feature update to roll out to all of the hundreds of millions of devices in the Current Branch.)

Those feature updates are published to the Current Branch for Business at least four months later, allowing for four months of quality updates designed to address reliability and security issues discovered during the first few months in the Current Branch.

Quality updates are delivered at the same time to all supported branches. These cumulative updates arrive on the second Tuesday of each month, or Patch Tuesday, as it's widely known. (Microsoft officials refers to this day as Update Tuesday.)

Microsoft may deliver additional updates throughout the month, including cumulative updates and servicing stack updates. So-called out-of-band patches to address critical security issues may appear at any time, generally in response to reports that a Windows flaw is being actively exploited.

How can I tell which updates are installed?

See the list under Settings > Update & security > Windows Update > Update history. It should look something like this.


This list shows all updates installed since the last feature update.

How do I know whether my system is up to date?

Follow this link for instructions on how to identify the build installed on your device and compare it to the master list of Windows 10 updates:

Windows 10 tip: Find and decode secret version details

When does Windows 10 install updates?

Windows 10 downloads updates in the background and installs them automatically. Beginning with version 1607, you can specify Active Hours when you don't want to be interrupted by these installations. In theory, that prevents a large update from interfering with your workday activities, although the strategy fails if you shut your device down at the end of the day and don't restart until the next day.

In the Creators Update, Microsoft says it will offer more notice over when updates have been installed and offer greater control over when they are installed.

Can I delay feature updates?

If you're running Windows 10 Home, there is no supported way to delay the installation of updates. When a feature update is available, it will install in the next window outside Active Hours. You can try various workarounds, such as shutting off the Windows Update service or setting your network connection as metered, but these only briefly postpone the inevitable.

In Pro, Enterprise, and Education editions, you can defer feature updates for up to 10 months after their release to the Current Branch. To do so, use Windows Update for Business, which consists of two separate settings:

  • Switch to the Current Branch for Business (CBB). In version 1607, you'll find this option in Settings > Update & security > Windows Update > Advanced Options. Select the Defer feature updates checkbox to move to the CBB. That gives you at least a four-month delay compared to the Current Branch.
  • Use Group Policy to defer feature updates by up to six more months. You can use Group Policy settings on a local PC or in a Windows domain to assign PCs to the CBB and then defer feature updates by up to 180 days more. To access these settings for a local PC, open Local Group Policy Editor (Gpedit.msc) and navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > Select when feature updates are received.

Use these Group Policy settings to defer feature updates for up to 10 months.

Once those 10 months are up, you must install the feature updates. No further deferrals are permitted.

Can I delay quality updates?

Here, too, the answer for Windows 10 Home users is an unqualified no.

Business users can use Group Policy to defer the installation of quality updates by up to 35 days. This setting is available under Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Windows Updates > Select when quality updates are received.

After that grace period, no further delays are permitted.

Note that beginning with the Creators Update, due for release in Spring 2017, this option will be available in Settings > Update & security > Windows Update > Advanced Options > Pause updates.

Can I uninstall a driver delivered through Windows Update?

Yes. Follow these instructions to remove the driver and prevent it from being installed again:

Windows 10 tip: Hide unwanted drivers in Windows Update

More update questions? Leave them in the comments or, better yet, send me an email using the contact form on my bio. (Click the envelope icon.)

Do CIOs care about Windows 10?


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All