# It is scary to me that Windows Update is now flashing the computer's BIOS!



## newtekie1 (Nov 18, 2019)

Knowing, and having experienced all the things that can go wrong with a BIOS update, it is scary that Microsoft is pushing BIOS updated through Windows Update.

I'm setting up a new Dell laptop and after getting booted into the desktop for the first time I connect to the internet and start installing Windows updates.

When they are done, I reboot to finish the updated and am greeted with an automated BIOS update screen!

When it finishes the BIOS update. The computer reboots, then just hangs at a blank black screen with the fan at 100% for about 3 minutes. Which is an eternity for someone who has seen a BIOS update go bad in the past. I knew to just leave it, but I wonder how many people would be impatient and hold the power button to kill the power. It finally POSTs to the Dell logo and boots normally.

At first I thought it might be the Dell assistant thing that did it, but looking at the Windows Update history it was clearly pushed out through Windows Update.

This, IMO, is a pretty dangerous path. It is scary to force a BIOS flash on the user with no way to opt out. What if the laptop was running on battery and I decided to restart, not knowing a BIOS updated had been downloaded in the background? Then the next thing I know the computer is doing a BIOS flash running on battery, which is definitely not advised! Maybe there is a system to detect the computer is on battery and cancel the flash? But somehow I doubt it.

I get it, security is important and all that, but damn this is just scary to me.

Sorry for the rant.


----------



## eidairaman1 (Nov 18, 2019)

My asus e203ma did it and it switched me from home to S mode, reason being is i couldnt access foxit reader, i wound up making a ms account, switched out of s mode and deleted the ms account.

I found out a way to install gpedit.msc on Home edition windows, i disabled auto os updates.


----------



## newtekie1 (Nov 18, 2019)

eidairaman1 said:


> My asus e203ma did it and it switched me from home to S mode, reason being is i couldnt access foxit reader, i wound up making a ms account, switched out of s mode and deleted the ms account.
> 
> I found out a way to install gpedit.msc on Home edition windows, i disabled auto os updates.



You don't have to create a Microsoft account to disable S mode. In the Microsoft store when it pops up asking for a Microsoft account, just X out of the pop-up and it will let you install whatever you are trying to install. This work on anything marked Free in the MS Store. I know, they don't make it obvious, and it took me a while to figure it out too.


----------



## juiseman (Nov 18, 2019)

Simple answer; yes, it is scary!! Is there an "official" bios recent release from the manufacturers site? 
I'm probably wrong; but does this have anything to do with Intel and the latest patches? 
crazy stuff....all these patches; if they keep coming out; seems like CPU performance may start to become noticeable..


----------



## eidairaman1 (Nov 18, 2019)

newtekie1 said:


> You don't have to create a Microsoft account to disable S mode. In the Microsoft store when it pops up asking for a Microsoft account, just X out of the pop-up and it will let you install whatever you are trying to install. This work on anything marked Free in the MS Store. I know, they don't make it obvious, and it took me a while to figure it out too.



Either way my trouble is fixed, the account is deleted but thanks for the tip


----------



## Solid State Soul ( SSS ) (Nov 18, 2019)

There is a sticky thread in the general software form about methods of how you can disable windows updates should you so desire, after bios and microcodes updates are being pushed trough windows update, disabling it was a must for me to have my peace with my machine


----------



## jsfitz54 (Nov 18, 2019)

newtekie1 said:


> I'm setting up a new Dell laptop and after getting booted into the desktop for the first time I connect to the internet and start installing Windows updates.



Which Dell Laptop Model?

I did an Inspiron 5593 last week with somewhat similar results.

I updated with Dell's utility: Bios, Audio, Intel Management Engine.

I used Intel's download App to try and install the newest Graphics Driver and it was rejected as not approved by Dell, (most likely Dell slow to approve) versions 25 to 26.

The following day I ran Windows Update again and saw the 1.2.0 Bios download from Windows, thought it was odd, and F2 into Bios to check version # to check if install was applied.
I think it went fine the first day and MS was double checking or recognizing that the new Bios was in fact installed.


----------



## newtekie1 (Nov 18, 2019)

eidairaman1 said:


> Either way my trouble is fixed, the account is deleted but thanks for the tip



Yeah, if you've already created the account, it is kind of moot. But it helps people in the future, or heck even if you have the account it is quicker to just X out than type the username and password.


jsfitz54 said:


> Which Dell Laptop Model?




It was a Inspiron 7580.



Solid State Soul ( SSS ) said:


> There is a sticky thread in the general software form about methods of how you can disable windows updates should you so desire, after bios and microcodes updates are being pushed trough windows update, disabling it was a must for me to have my peace with my machine



I have no real interest in disabling Windows Update, especially not on laptops I'm deploying to users. Because it's important to get the updates. The security and microcode updates are important. But I don't think Microsoft should be pushing BIOS updates. Or if they do, they should make it more clear what they are and that there are more risks associated with installing them and make them optional to the user.


----------



## eidairaman1 (Nov 18, 2019)

newtekie1 said:


> Yeah, if you've already created the account, it is kind of moot. But it helps people in the future, of heck even if you have the account it is quicker to just X out than type the username and password.



True, i just didnt see that option, i might of been on 1903 even. Either way im keeping on 7 or going reactos/linux. Ms has screwed its user base time and time again with ME/Vista, 8/.1/10.


----------



## DeathtoGnomes (Nov 18, 2019)

newtekie1 said:


> Yeah, if you've already created the account, it is kind of moot. But it helps people in the future, of heck even if you have the account it is quicker to just X out than type the username and password.
> 
> 
> 
> ...


There used be an option in WU to update hardware or not. WHat I think happened is that Dell pushed the BIOS update not m$( *gasp* ).




EDIT:I no longer see the option to opt-out of hardware updates.


----------



## hat (Nov 18, 2019)

Yeah, automatic BIOS updates would indeed be scary. Most people advise never to update the BIOS, unless you have a specific issue somewhere that the patch notes claim to correct. The chances are high there's going to be quite a few bricked computers floating around...

Ugh, combine stuff like this and the software toolkits that are being baked into UEFI these days and... I don't like the direction this is going...


----------



## Solaris17 (Nov 18, 2019)

Meh, I noticed it on my laptop pretty cool! Doesn't seem to affect desktops at all which makes alot more sense. That said it started doing it for me almost a year ago(?) I want to say, and my laptop gets relatively frequent BIOS updates and no issues here.


----------



## Bill_Bright (Nov 18, 2019)

And do you think Microsoft goes out to Dell and ASUS and 100s of other manufacturers and demands they provide updates for their 1000s of different products to include in WU? 

What happens is Dell, ASUS and the others submit those updates to Microsoft to include them in WU. So I think it important to put the blame (if blame is the right word) where it belongs. Microsoft is responsible for Windows' own native drivers. Beyond that, it is up to the various hardware makers. 

Granted, I would not be surprised if Microsoft "strongly encourages" makers provide BIOS and driver updates because, as newtekie1 puts it, "security is important".  The problem for Microsoft is when any problem occurs, regardless if security related or just hardware compatibility related, Microsoft knows they will be blamed whether or not it had anything to do with Windows. So they would rather be blamed for keeping our computers current than letting them become outdated. 

That said, most BIOS updates have nothing to do with security. Most just add support for new CPUs and RAM, etc. that came out after the board left the factory. Oh well. That's another issue.

I do agree it is scary but the facts are, WU really does have an outstanding track record. It has worked flawlessly each and every time for 100s of millions of users!

For sure, if Dell wanted to give you the option to flash your BIOS or not, they could have programmed their update routine to provide you a prompt. So is it Microsoft's fault Dell did not provide a way to opt out of that update?

Yes, it is scary but only because we've heard the horror stories about what might happen. But the reality is, when looking at the big picture, those problems are extremely rare. 

Years ago, I was probably one of the most hands-on windows "tweaker" out there. I became very proficient digging around inside and making changes in the Registry without bricking Windows. I insisted I control everything going on with my computers. 

But with my clients, I took a "_do as I say and not as I do_" attitude with them - so I could understand better, the configuration and state of their computers - should problems arise. And because many, sadly, didn't understand the irreversible power of Regedit. After W7 came out, I started to realize as more and more of my clients left the Windows defaults alone, they kept having fewer problems or even totally trouble-free service from their computers - or at least fewer or no problems totally unrelated to the OS.

So beginning with W10, I started heeding my own advice and starting leaving the defaults alone for all my computers too. I have 6 computers here. Three were upgraded from W7 to W10,  three built new with W10. Not one has broke due to a Windows Update. At worst, a couple have locked up but resolved with a simple reboot. 

I think Windows Update might be one of those areas where it would be best if we were all totally naive, and just have faith it will work. Because odds are, it will.



hat said:


> The chances are high there's going to be quite a few bricked computers floating around...


I don't agree. I am sure a conservative estimate would be we've flashed motherboards here 400 or more times  over the last 7 or 8 years. Not one has "bricked". Not one! Even 15 years ago, it was pretty rare. The facts are, motherboard/chipset makers have taken some pretty extreme measures to ensure program integrity during the flash process - so nothing is permanent until the system ensures all is good, or that it can be safely rolled back. 

It's not like 25+ years ago when a bricked motherboard required replacing the EPROM/EEPROM with a new one from the factory.


----------



## TheoneandonlyMrK (Nov 18, 2019)

Bill_Bright said:


> And do you think Microsoft goes out to Dell and ASUS and 100s of other manufacturers and demands they provide updates for their 1000s of different products to include in WU?
> 
> What happens is Dell, ASUS and the others submit those updates to Microsoft to include them in WU. So I think it important to put the blame (if blame is the right word) where it belongs. Microsoft is responsible for Windows' own native drivers. Beyond that, it is up to the various hardware makers.
> 
> ...



Yeah I see your points but you missed his.

This is not the same as a user enacted bios update.
The laptop user as newteckie says is likely to be less savy ,and that black screen hang for a bit would get a reboot off some, others as he says might not realise such an update is best done with a full battery, these are not the same circumstances as you flashing so many bios fine.


----------



## Bill_Bright (Nov 18, 2019)

No, I got his point completely. 

Even if he manually prompted the update, there's a good chance there would have been a black screen delay then too. So what's the difference?

His point was he was concerned about these automatic updates. My point was, the odds are, no problems will occur if we just let Windows do its thing.


----------



## hat (Nov 18, 2019)

The main difference is that an average user who is automatically doing a BIOS update, without his knowledge, may attempt to forcibly restart the computer when he sees strange behavior unknown to him. You don't normally get a long black screen after a windows update. If he were to perform a BIOS update manually, he would be much more likely to expect odd behavior.


----------



## Chomiq (Nov 18, 2019)

You sure that dell updater didn't force it? I'm using 5590 at work and it can push things like that if you won't notice.


----------



## Easy Rhino (Nov 18, 2019)

Chomiq said:


> You sure that dell updater didn't force it? I'm using 5590 at work and it can push things like that if you won't notice.



It would have had to initiate the BIOS update using Windows as a proxy for security.


----------



## Vayra86 (Nov 18, 2019)

Well, with a pushed update comes responsibility. If Dell bricks your PC with a forced update, they need to restore it.

But yes, its yet another small step for corporate kind, but a huge leap for our degree of control.


----------



## R-T-B (Nov 18, 2019)

newtekie1 said:


> Maybe there is a system to detect the computer is on battery and cancel the flash?



Usually yes there is.  Not sure about dells but HPs and AMIBIOS offer such a facility.


----------



## Bill_Bright (Nov 18, 2019)

hat said:


> The main difference is that an average user who is automatically doing a BIOS update, without his knowledge, may attempt to forcibly restart the computer when he sees strange behavior unknown to him.


Nobody is denying that. But an average user doing a manual BIOS update WITH his knowledge may forcibly restart the computer too. So its the same difference. Plus, you are basing this on strange behavior (excessively long black screen) happening. That in itself is rare.


hat said:


> If he were to perform a BIOS update manually, he would be much more likely to expect odd behavior.


Now you are assuming average users do BIOS updates. I would not make that assumption at all. Most users would not even think of doing a BIOS update, unless something else broke and probably not even then. 

Regardless, not the point. The point I was making is Windows Update works the vast majority of the time for the vast majority of users. Also, the vast majority of users don't want to manually mess with updates. They want their computer to just work, just like their TVs and phones.


----------



## Static~Charge (Nov 18, 2019)

It's time like this that I miss having a BIOS write enable/disable jumper on my motherboard....


----------



## John Naylor (Nov 18, 2019)

I have had far to many experiences with Windows Updates putting boxes on my workbench.   When Win 10 came out, i spent far too much time fixing items that broke in that 1st week or so.  

One of the big ones was nVidia drivers ... users had a new driver installed and they could no longer use SLI.  Going to the nVidia site and downloading the latest driver on their web site ... which was weeks older than MS's driver, fixed the problem ... until WU replaced again leaving them in a frustrating loop battle.  Since then, no box leaves the workbench w/o having Hardware Driver Updates disabled.  t hasn't gotten much better.

Still have problems here w/ other WUs ... KB4512506 was released w/ KB4474419  but if you let it auto install your system rebooted to a repair.    Problem was if ya didn't install 4419 1st, reboot and install 2506, the repair on subsequent reboot was unavoidable.   Still about 20% of the Win 7 boxes we've seen will not install 2506.  Been 3 months over which I been searching forums for a solution ... none found as of yet.


----------



## newtekie1 (Nov 18, 2019)

DeathtoGnomes said:


> WHat I think happened is that Dell pushed the BIOS update not m$( *gasp* ).



It was definitely pushed by Microsoft not Dell.



Bill_Bright said:


> And do you think Microsoft goes out to Dell and ASUS and 100s of other manufacturers and demands they provide updates for their 1000s of different products to include in WU?
> 
> What happens is Dell, ASUS and the others submit those updates to Microsoft to include them in WU. So I think it important to put the blame (if blame is the right word) where it belongs. Microsoft is responsible for Windows' own native drivers. Beyond that, it is up to the various hardware makers.



The blame rests on Microsoft because the updates are coming through their update system and they don't allow people to properly opt-out of that system or even properly warn people about what is going on and what is going to happen.

Microsoft is also allowing BIOS updates through the system, which they shouldn't.  Driver updates through WU is very different than BIOS updates at this point.



Bill_Bright said:


> I don't agree. I am sure a conservative estimate would be we've flashed motherboards here 400 or more times over the last 7 or 8 years. Not one has "bricked". Not one! Even 15 years ago, it was pretty rare. The facts are, motherboard/chipset makers have taken some pretty extreme measures to ensure program integrity during the flash process - so nothing is permanent until the system ensures all is good, or that it can be safely rolled back.
> 
> It's not like 25+ years ago when a bricked motherboard required replacing the EPROM/EEPROM with a new one from the factory.



I disagree with this.  BIOS updates are still risky, and powering down a system in the middle of an update is going to brick it.  There are some ways to recover from a bad flash, depending on the system-board manufacturer(e.g. ASUS' Flashback system).  I'm not aware of many pre-built systems that have those systems though.

It is definitely not true that nothing is permanent until the system ensures all is good.  You are still writing an eprom and there is no redundancy for the most part.

We, as enthusiasts and professionals, know not to turn the system off in the middle of a flash.  Which is why you don't see a whole lot of issue.  But turn it off in the middle of a flash, at the wrong time, and you got yourself a $1,000 paperweight.



hat said:


> The main difference is that an average user who is automatically doing a BIOS update, without his knowledge, may attempt to forcibly restart the computer when he sees strange behavior unknown to him. You don't normally get a long black screen after a windows update. If he were to perform a BIOS update manually, he would be much more likely to expect odd behavior.





Bill_Bright said:


> Nobody is denying that. But an average user doing a manual BIOS update WITH his knowledge may forcibly restart the computer too. So its the same difference. Plus, you are basing this on strange behavior (excessively long black screen) happening. That in itself is rare.



The thing that bothers me is I can definitely see a user freaking out at the BIOS update screen and even though it says to not power off the computer, they'd freak out and do it anyway.  I mean, how many viruses pop up with a big window saying don't power down your computer blah blah blah. And I've definitely encountered users that when they saw that, they immediately powered down the computer.

It's a screen they've ever seen before and weren't prepared or expecting to see.



Chomiq said:


> You sure that dell updater didn't force it? I'm using 5590 at work and it can push things like that if you won't notice.



Yes, it was definitely pushed through Windows Update.  It was listed under the Windows Update history once the computer rebooted.


----------



## DeathtoGnomes (Nov 18, 2019)

newtekie1 said:


> The blame rests on Microsoft because the updates are coming through their update system and they don't allow people to properly opt-out of that system or even properly warn people about what is going on and what is going to happen.
> 
> Microsoft is also allowing BIOS updates through the system, which they shouldn't. Driver updates through WU is very different than BIOS updates at this point.


Thats been my beef with m$ for a long time, they think they know whats best for everyone, power users be damned. When m$ removed the opt-out for hardware updates, I think they disguised  as some other setting. I havent taken the time to look for it since I just block WU manually.


----------



## remixedcat (Nov 19, 2019)

hat said:


> Yeah, automatic BIOS updates would indeed be scary. Most people advise never to update the BIOS, unless you have a specific issue somewhere that the patch notes claim to correct. The chances are high there's going to be quite a few bricked computers floating around...
> 
> Ugh, combine stuff like this and the software toolkits that are being baked into UEFI these days and... I don't like the direction this is going...



This!! And what if you're at a job site? Ugh, scary indeed.

One time at the allergists office the check in computer at the front desk was updating and it messed stuff up and they had to undo the updates so they couldn't check anyone in that wasn't there for weekly shots.

No wonder I see them phasing in macs..


----------



## Bill_Bright (Nov 19, 2019)

newtekie1 said:


> I disagree with this. BIOS updates are still risky, and powering down a system in the middle of an update is going to brick it.


Of course they are risky. I never suggested otherwise. But the risk is NOT that  bricking the motherboard is likely to happen as some seem to suggest or want us to believe. On the contrary, the fact is, odds are very much in our favor the update will occur with no problems at all.

The reality is that the concern is greatly exaggerated simply because failure can result in such a catastrophic failure!

If you walk outside, there is a risk you will get hit by a falling meteor. And if you get hit by a falling meteor, odds are you WILL die! But what are the odds a meteor will hit you? Not very big. That's all I'm saying here.

I guess it is like wearing a seat belt. There is a risk if you get into an accident, the release will jam, you will be trapped, the car will catch fire and you will be crispy-crittered. Does that mean you should not wear your seat belt? No.

I am a control freak when it comes to my computers too. So I fully understand your concerns. But I am also a computer tech who has witnessed first hand, over and over again, what can and will  happen if users fail to keep their computers updated. While that was good for my business, it was not good for my clients. So "for the greater good", I agree with MS and the motherboard makers here and think that automating these updates is better than letting users do it manually.

You want to blame MS on this - I think that is misdirected but certainly your choice. But I note there is always Linux too.


----------



## newtekie1 (Nov 19, 2019)

Bill_Bright said:


> Of course they are risky. I never suggested otherwise. But the risk is NOT that  bricking the motherboard is likely to happen as some seem to suggest or want us to believe. On the contrary, the fact is, odds are very much in our favor the update will occur with no problems at all.
> 
> The reality is that the concern is greatly exaggerated simply because failure can result in such a catastrophic failure!
> 
> ...



Wait, so you went from "they've built in all these safety features to make sure flashing the BIOS can't brick anything" to "yeah it can brick stuff, but it rarely happens".

No, I've seen it first hand.  I've also experienced users that pull the plug at the first sign of anything unexpected.  So this isn't a matter of if this will cause a bricked system, but when.


----------



## freeagent (Nov 19, 2019)

Is this just updating on newer systems? My pc took an update over the weekend. I had it powered down for some maintenance and went to fire it up and she wouldn’t load. I tried maybe 4-5 times to start it before I started to look for my usb stick. Plugged my stick in and hit go, my kid came to ask me a question at that time and I missed the post screen, but saw another screen saying it uninstalled an update due to start up behavior. It’s been good since, but I haven’t seen anything on winupdate so I’m not sure.


----------



## Edwired (Nov 19, 2019)

That odd though bios update has to be done manually not automatic otherwise there a big change that the motherboard wont like the new bios update which will result problems then again i may say it microcode update for security reason. As well it your own fault for not configuring device installation setting to not install driver or bios update by via windows update dont blame me if ya didnt


----------



## Prime2515102 (Nov 19, 2019)

DeathtoGnomes said:


> EDIT:I no longer see the option to opt-out of hardware updates.



gpedit.msc ---> Computer Configuration ---> Administrative Templates ---> Windows Components ---> Windows Update ---> enable "Do not include drivers with Windows Update"

Whether or not that will stop a BIOS update, I don't know.

Also, gpedit isn't included with Win10 Home but there are ways around that, I've read.


----------



## Edwired (Nov 19, 2019)

You find it in control panel, system properties, advanced settings, device installation settings should appear there. And the gpedit method isn't viable to do the trick as some windows 10 editions don't include certain features.
To find control panel is to search it in the start menu or task bar


----------



## DeathtoGnomes (Nov 20, 2019)

Prime2515102 said:


> gpedit.msc ---> Computer Configuration ---> Administrative Templates ---> Windows Components ---> Windows Update ---> enable "Do not include drivers with Windows Update"
> 
> Whether or not that will stop a BIOS update, I don't know.
> 
> Also, gpedit isn't included with Win10 Home but there are ways around that, I've read.


it used to be in the control panel page. & thank you.


----------



## Edwired (Nov 20, 2019)

Prime2515102 said:


> Actually that's been changed. It's now to allow or disallow installing manufacturers' apps and icons. With "no" selected drivers will still be updated but without any associated utilities.


It the same thing with drivers and bios as it stated manufacturer not microsoft as if you were to go back to windows 7 it said drivers now it said apps in windows 10 1909. that is the off switch to tell windows update not to update any device driver since i been using that method since windows 7 otherwise ya end up either microsoft own driver or manufacturer driver and cause more headaches if something go wrong. I turned that off before i connected my pc for update on line and it never updated the drivers in my pc as i manually install the driver myself


----------



## Khonjel (Nov 20, 2019)

Ughh I'm so conflicted in this issue. Recently windows downloaded and installed amd driver on my old all-amd laptop. The problem is, there's mouse cursor lagging issue in the laptop unless I use a specific dell oem driver from 2015. Even amd's official last driver from 2017 won't work. So I had to run ddu and the whole shebang. So fuck windows update right?

Otoh I recently jumped gun to Windows 10 1909 on my desktop this past week. Search wasn't working. And I've seen someone in this forum who had some other problem. What fixed our problems? A timely windows update that was downloaded, installed and was just waiting for me to press "update and restart".


----------



## Prime2515102 (Nov 20, 2019)

Edwired said:


> It the same thing with drivers and bios as it stated manufacturer not microsoft as if you were to go back to windows 7 it said drivers now it said apps in windows 10 1909. that is the off switch to tell windows update not to update any device driver since i been using that method since windows 7 otherwise ya end up either microsoft own driver or manufacturer driver and cause more headaches if something go wrong. I turned that off before i connected my pc for update on line and it never updated the drivers in my pc as i manually install the driver myself


Well holy cow, you're right...  Got fed bad info. Deleted post.


----------



## eidairaman1 (Nov 20, 2019)

Prime2515102 said:


> gpedit.msc ---> Computer Configuration ---> Administrative Templates ---> Windows Components ---> Windows Update ---> enable "Do not include drivers with Windows Update"
> 
> Whether or not that will stop a BIOS update, I don't know.
> 
> Also, gpedit isn't included with Win10 Home but there are ways around that, I've read.



There is a powershell script to enable it


----------



## Bill_Bright (Nov 20, 2019)

newtekie1 said:


> Wait, so you went from "they've built in all these safety features to make sure flashing the BIOS can't brick anything" to "yeah it can brick stuff, but it rarely happens".


 Well, of course! Can the best bank safe, designed to make sure it can't be cracked, absolutely positively 100% ensure the safe can never ever be cracked?

Can the absolute best lightning arrester absolutely positively 100% ensure no lightning strike will ever get past the arrester?

Exceptions don't make the rule. 

It is possible a drunk driver will run a stop sign, hop the curb, run across 3 lawns and crash into your front porch. Therefore, by your logic, you should always go out the back door. 


newtekie1 said:


> So this isn't a matter of if this will cause a bricked system, but when.


Yeah right. So for sure, by that logic, at some point in the future, a drunk will crash into your front porch.


----------

