Added January 26, 2022: All lists provided on this page are no longer updated.
Microsoft released update files including defects many times so far. I do not want to apply those released files immediately.So let's refuse Microsoft Windows update servers with the firewall and get peace of mind.
Use one out of the following three methods on this page. (pf, iptables, Windows Firewall)
- pf table for OpenBSD/FreeBSD:
- pf_windows_update_us.txt (For United Status IPv4)
- pf_windows_update_de.txt (For Deutschland IPv4)
- pf_windows_update.txt (For Nippon/Japan IPv4)
pf_windows_update_ww.txt (For World Wide IPv4)DELETEDpf_windows_update_ww_opt.txt (For World Wide IPv4 Optimized)DELETED
- pf_windows_update_us_ipv6.txt (For United Status IPv6)
- pf_windows_update_de_ipv6.txt (For Deutschland IPv6)
- pf_windows_update_ipv6.txt (For Nippon/Japan IPv6)
pf_windows_update_ww_ipv6.txt (For World Wide IPv6)DELETED
- iptables rule file for Linux:
- iptables_windows_update_us.txt (For United Status IPv4)
- iptables_windows_update_de.txt (For Deutschland IPv4)
- iptables_windows_update.txt (For Nippon/Japan IPv4)
- Windows PowerShell script for Windows Firewall:
- winfirewall_windows_update_us.ps1 (For United Status IPv4)
- winfirewall_windows_update_de.ps1 (For Deutschland IPv4)
- winfirewall_windows_update.ps1 (For Nippon/Japan IPv4)
These files are updated every day.
Added January 26, 2022: All lists provided on this page are no longer updated.
Usage of Windows PowerShell script
Download above links.
Left click on the Start button.
Select [All apps].
Find [Windows PowerShell] and open nest menu. Left click on the [Windows PowerShell].
Right click on the [Run as Administrator].
PS C:\Windows\system32> Get-ExecutionPolicy
Restricted
Enter "Get-ExecutionPolicy" and [Enter].
Check the result.
PS C:\Windows\system32> Set-ExecutionPolicy Unrestricted Execution Policy Change The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic at http://go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy? [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): y PS C:\Windows\system32>
Enter "Set-ExecutionPolicy Unrestricted" and [Enter].
Enter "y" and [Enter].
PS C:\Windows\system32> ~\downloads\winfirewall_windows_update_us.ps1 Security warning Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning message. Do you want to run C:\Users\foobar\downloads\winfirewall_windows_update_us.ps1? [D] Do not run [R] Run once [S] Suspend [?] Help (default is "D"): r
Enter "~\downloads\winfirewall_windows_update_us.ps1" and [Enter].
Enter "y" or "a" and [Enter].
Name : {bbf4a6cc-7d38-4825-ac25-9bad3d44f033} DisplayName : Windows10Update_Inbound Description : https://gato.intaa.net/net/windows_update_filter DisplayGroup : Group : Enabled : True Profile : Any Platform : {} Direction : Inbound Action : Allow EdgeTraversalPolicy : Block LooseSourceMapping : False LocalOnlyMapping : False Owner : PrimaryStatus : OK Status : The rule was parsed successfully from the store. (65536) EnforcementStatus : NotApplicable PolicyStoreSource : PersistentStore PolicyStoreSourceType : Local Name : {6515e352-8561-401e-a62d-e9d79b28760b} DisplayName : Windows10Update_Outbound Description : https://gato.intaa.net/net/windows_update_filter DisplayGroup : Group : Enabled : True Profile : Any Platform : {} Direction : Inbound Action : Allow EdgeTraversalPolicy : Block LooseSourceMapping : False LocalOnlyMapping : False Owner : PrimaryStatus : OK Status : The rule was parsed successfully from the store. (65536) EnforcementStatus : NotApplicable PolicyStoreSource : PersistentStore PolicyStoreSourceType : Local PS C:\Windows\system32>
An outbound rule and an inbound rule are loaded.
Check results.
PS C:\Windows\system32> Set-ExecutionPolicy Restricted Execution Policy Change The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic at http://go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy? [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "N"): y PS C:\Windows\system32>
Enter "Set-ExecutionPolicy Restricted" and [Enter].
Enter "y" and [Enter].
Remember this.
Right click on the Start button.
Left click on the [Control Panel].
Left click on the [Windows Firewall].
Left click the "Advanced Settings" link.
Select [Inbound Rules] or [Outbound Rules] on the left side.
Find and select "Windows10Update_Inbound" or "Windows10Update_Outbound" on the center.
If you want to disable the rule, click [Disable Rule] on the right side.
If you want to delete the rule, click [Delete] on the right side.
Read also: Windows Spying Filter