Luckily, Microsoft has also added options to control how Windows Update functions. Many of these options are not available under the Control Panel so most users may not be aware that they exist. You can find them under Group Policy. Group Policy is a feature of Windows to control the environment of computers and users within an entire organization. If you’re talking about a home computer or a small network, it sounds like Group Policy isn’t a feature you need to touch. However, it can also be used for a single user on a single computer.

Please note that following this guide may put your computer at risk if you choose to turn off the automatic restart option and then do not restart manually to finish updates. Restarts are still required to complete the Windows update process but will no longer happen automatically.

Let’s start by opening the Local Group Policy Editor:

1. Open the Start Menu.
2. Type “Edit Group Policy” or “gpedit.msc”.
3. Click on “Edit Group Policy” or hit Enter.

You should now see the Local Group Policy Editor, as shown below.

The editor is split into two sections: one for users and the other for the computer. Windows Update is a computer setting so we are going to use that section.

1. In the left navigation bar, click on Administrative Templates under Computer Configuration.
2. 2. Double-click on Windows Components.
3. Double-click on Windows Update. Here are all the policies for Windows Update.

It’s important to note that if any of the Folders have a lock icon on them, the policies in that folder are being managed by your organization and cannot be controlled by you.

There are many options we can change in the Windows Update area, but the big one is the “No auto-restart with logged on users for scheduled automatic updates installations” option. This option tells Windows to not restart the computer if a user is logged in. It does have a catch though; it only works if the policy for “Configure Automatic Updates” is also set. So we will need to change two policies (highlighted in the screenshot below).

Start by double-clicking on “No auto-restart with logged on users for scheduled automatic updates installations”. The dialog that opens has help about this setting as well as the default behavior for Windows. Click on the Enabled option and then click OK.

Then double click on “Configure Automatic Updates”. Click Enabled to turn the policy on. The Options area shows more options for the policy. For those familiar with Windows XP you may recognize some of the options. For scheduled updates, choose “4 - Auto download and schedule the install” then pick a time and day that the updates should be installed. Be careful using the “Install during automatic maintenance” option; this option will install the updates during the daily maintenance that runs on the computer and may still result in unexpected restarts. For more flexibility over when individual updates are installed, choose option “3 - Auto download and notify for install”. For more information on the options read the help on the right. Click OK to save the settings.

You can easily reset either of these options by selecting the Not Configured option and pressing OK. When the options are not configured, they use the Windows defaults.

Using the Group Policy you can take control over Windows Updates. Just make sure they still happen, or you’ll risk turning into the person that unleashed the viruses on your office!