Check Automatic Update Status
Simply open a command prompt and paste the code below.
If it returns a value of one (1), then congratulations!
A value of one (1) indicates that you DO have automatic updates enabled on your computer.
Drop me an Instant Message if I can assist you further.
(get-itemproperty hklm:\software\policies\microsoft\windows\windowsupdate\au -ea SilentlyContinue).NoAutoUpdate -ne 1
COMMON ARGUMENT FOR NOT ALLOWING AUTOMATIC UPDATES:
Companies often make their own problems worse by avoiding automatic updates.
BUSINESS CRITICAL – One of the most common arguments is that an automatic update might take down a “business critical” application. While sometimes well-intentioned, this is an argument that is often not well thought out because the cost of not allowing updates is often far worse, and not only affects the business-critical needs of the organization, but also the security of its employees and all other connected parties.
If applications break because of an update, then it gives us an opportunity to fix the underlying problem, make the applications more secure, and ensure conformity to current standards that other processes depend on. It is often much easier and certainly more sustainable, to fix any inherent problems in the application environment than it is to compound the problem by ignoring or postponing the update process. This is true even if the decision not to is in favor of a different solution such as WSUS. Those solutions should be in addition to the built-in automatic update features of Windows, not instead of them.
It is my belief as a Cyber Security Engineer, that the practice of not allowing systems to be updated on their own, in ‘addition to’ but not instead of WSUS and other update systems, is a very big mistake and one that is unfortunately common among a large percentage of companies.