Hide Windows updates as Post Install Task
I have some windows updates that cannot run for software dependencies in our organization. Such as new versions of IE and .NET 4.5.1.
Here are the 4 updates that need hidden:
4. .Net 4.5.1
Is there a way to run a .bat or some script to hide these updates for any user that logs in? This way when automatic updates run, they don’t get installed.
GPO at this point is NOT an option as the OU these computers go into while in post install tasks are run are not managed by GPO.
Other options I believe could work:
1. Disable Windows updates, and put the computer in the proper OU that will enable updates and not run those updates. However, honestly I don’t trust that GPO (or rather our windows update server) will hide these updates. I want to make sure they don’t run as it takes time to remove them after they are installed.
2. Hide them on the image, but I am not sure if that will persist through sysprep, and KACE.