Achieve better patch compliance with Update Connectivity data

Hi, I noticed this problem a long time ago - Great that Microsoft is improving it!

Thank you for the updates.

Or. Updates can be smaller and install faster ;)

So to achieve such insights we should rely on the feature or expedit reports.

But if we don't plan to deploy an expedite, or our devices are already in our target release?

This clearly lacks a long time requested report for quality updates.

Or is this info available on log analitycs?

Is this only available in Intune, or is that something we can benefited in SCCM too?

Hi

How do I use this data from Update Compliance?

//Lasse

@wroot, we've already done that with Windows 11; see How Microsoft reduced Windows 11 update size by 40% - Microsoft Tech Community. There are limits though so it's much easier said than done.

You guys are far beyond what real world needs as an operating system. You got your world. You filter statistics what suites you, make corporate reports but the real world does not reflect what you are talking about. Constant errors with updates, constant bad broken updates that constantly break other things. Just look at your feedback app... get your head from you know where. Implement what people need. Windows 8 was a joke... with philosophy that everything will be touch... windows 10 was a joke with start menu issues from the get go... windows 11 is a joke with features taken away. Oh come on... just come on... what did you do to skype? joke. Just Office seems to escape corporate politics. TPM, 7th gen CPU... do you really think thats what most of the work uses? what a joke... you can get away with thisnonsense only because there is nothing else to use. People are familiar with windows. censor this post... hahaha.

How about the elephant in the room.  How about an OS that does not require reboots.  This would solve a lot of wasted time waiting for the computer to become usable.

devices need a minimum of two continuous connected hours, and six total connected hours

What exactly does that mean?  If we assume that the 'two continuous connected hours' are generally required to successfully download the update, what are the other 6 connected hours for?  Is this a general statement, or just a statement related to hosts that are managed by InTune?

Good luck with leaving devices on overnight, the default sleep on AC / mains setting is 30 mins, this is the biggest issue I find with users not getting updated. Change this default to 60mins and you would immediately see an improvement in update connectivity of devices.

Wow - Microsoft, this is a bad take.

Did anyone consider any other options than blaming the users for not leaving their computers on long enough? Maybe this is the result of trying to make Windows Updates appear to go faster by doing things in the background.

You can't get your own updates to install properly in a timely manner, so every Windows 10 user everywhere is supposed to leave their computers on for hours and hours in case some updates come through?

(Ideas off the top of my head) What about new power policies that can have the computer not sleep for an extra few hours just once a month instead of all the time? How about additional user notices that background updates are still going on? A choice to "finish background updates and then shut down."

Instead, we all have to waste electricity to make this broken update system work. I don't want a dashboard to find computers that aren't powered on long enough - I want a real solution where updates are provably installed in a predictable way.

Back to the drawing board - think of something better!

Yeah, this doesn't mesh well with all the "renewable energy" slogans. You run your data centers green, but make billions of users to heat the world with their computers. I think the idea of doing background updates and active hours was good on the paper, but having to deal with such huge updates and how long it takes for Windows to chew them it doesn't work that well.

Some very good questions asked, thank you.

To utilize this information with Configuration Manager you can use Update Compliance.  Because the data that drives the InsufficientUpdateConnectivity alert is pulled from online Microsoft services, we don’t currently have any plans to add this for on-prem servicing.

The 2 continuous hours mentioned above are included in the 6 hours total (in other words, it’s not 8 total hours).  This criteria allows for devices that intermittently are on, or intermittently connected to the internet.  Some parts of the update process can restart where they left off, like the downloads.  Others need to restart from the beginning if the device shuts down.  So these are both taken into account in the criteria.  Often, devices finish in less than this bar, so a good way to think of this is that devices that have more than this min bar have high confidence had enough update connectivity to be successful.

@pembertronics ,  exactly right! Updating the default power settings can really help enabling overnight updates.  This whitepaper has some recommendations for power settings for achieving great update adoption (go to this link, select the download button, and choose the “Optimizing Windows 10 Update Adoption.pdf”:  http://aka.ms/updatevelocity

Microsoft wants to ensure and help in the correct update of Windows - thanks to additional tools , so writing about ecology does not apply to this thread

@David_Guyer Comments flow off the MS back, like water off a duck. 

1. People don't like Updates.

2. People don't understand why it needs hours to Update.

3. People don't want to spend minutes for Reboots.

4. People don't understand why frequent Updates are needed. Secure your products ahead of time instead of patch the problems after they occur.

5. Blaming users for broken updates is a good way to lose face (if there is any more face too lose)

Windows was broken in 2000, and it is broken today. And it seems that all other applications are equally broken. What gives? 

@hedhman  Hi

" 

2. People don't understand why it needs hours to Update.

3. People don't want to spend minutes for Reboots.

4. People don't understand why frequent Updates are needed. Secure your products ahead of time instead of patch the problems after they occur.

5. Blaming users for broken updates is a good way to lose face (if there is any more face too lose) "

The migration of updates and the time it takes to do so depends on the performance of the processor and motherboard, as well as the settings and habits of the user!

The user after so many years should know how to proceed to properly implement the update, in the organization it is obvious.

I cant understand how the recommendation can be „leave the machine online for 6 hours“ like what? This is 2022. The whole world should be thinking about energy saving and Microsoft recommends to leave the computer running for atleast 6 hours? 

@jbohlmann   Hi                   "The time required to download updates depends primarily on the speed of your Internet connection, network settings, and the size of the update. Make sure your device is plugged into a power source and connected to the Internet to get updates faster." 

It is not possible to give an exact time for the full update process, for fast computers it can take a few minutes, so for administrators it will only be an additional help and indicator in case of errors in the correct implementation!

@A1 We are talking about updates. It takes aprox 2 min to download a 200Mb update with a 16Mbit connection. If i need 2 hours of connected time the only question is why does it take 118 Minutes to find the update and install it. 

" Update Connectivity can be a useful tool in determining just how much risk these devices introduce and what actions, if any, should be taken to improve update compliance."

I did not write about 2 hours, so this is not a question for me.

Connectivity to the Update Service is a process

Unfortunately Microsoft has made very little effort to understand the needs of occasional users in recent years. It'is not the customers' job to put the computer online for days in order to get updates, but the vendor's job to make the updates efficient. To me, this news means Window is completely unsuitable as an operating system for occasionally used slightly older computers. In my circle of friends I look after numerous PCs that have been replaced by newer ones in companies and are completely sufficient for occasional use for a long time. However, 80% of their resources are used by Windows Update and perhaps 20% are used productively by the users. Have you ever heard of sustainability, resource and energy efficiency? By the way: not only for private use many computers are needed occasionally only. I have been working as an IT expert for more than 30 years and know numerous business use cases where computers are used occasionally only.

Some company has removed the mandatory option to "Install updates at Shutdown" and the easy way to view the windowsupdate.log.
The same company is now wondering...

BTW: WSUS don't get any new features at all, deployment of Office Updates using WSUS is no longer possible an so on... 

As I read some entries I wonder if some people think that the computer is a TV and does not require maintenance and it is best to have it turned off - because it does not consume energy!

I think administrators are a bit more aware of responsibility and will take the right steps!   

This is not just a waste of energy but running ALL Windows PCs unattended over night poses serious risks (fire risk for example).

Why not teach users instead how to perform a Windows update and if needed (update runs longer than workday) to let the PC run on that occasion only.

Doesn't sound like a good idea to me.

Hi David_Guyer

Can you explain how to use the Alert Type from Update Compliance? I do not see that data at all. Would be really nice to understand that alittle better

//Lasse

This whole post screams of incompetence.

So instead of fixing the core issue of update needing 8 hours, just leave it connected for 8+ hours.

Incompetence are some entries that expect Microsoft to fix and update computers in a few minutes and without power (or only green energy) and without an Internet connection !

just congratulations on the ideas!

@A1  I bet every single person here knows that computers consumes energy and needs maintenance and thats okay, BUT requiring hours of online time to just UPDATE your operating system? Yes computers are no TVs. But even TVs updateting in a few minutes. Keep in mind that the typical windows PC has much more performance than a TV. 

Why is Windows the only thing that requires HOURS of online time to make sure it receives updates. If these hours would atleast ensure good updates. No we have to regularly uninstall Updates because Microsoft doesnt test anything. 

Do you geniuses realize that some people sleep in the same room with their PC?! You know, it's awesome to be awaken at 3 am by cpu fans processing your updates. Haven't Windows had a monopol as PC gaming platform i would have switched to Ubuntu or something looong time ago because of this!

"Where to find Update Connectivity data
You can currently see which devices have Insufficient Update Connectivity in Microsoft Intune. To find devices with an update policy not meeting the minimum Update Connectivity requirements navigate to."

Only in this service is this feature available, so home users can use their computers as they want!

Modern implementation of updates in the organization is the most important task, any new tool that helps in the hunt for an outdated computer is helpful!

What about the hours admins and IT staff lose because of buggy updates.  Or even more important, how many hours of user productivity are lost due to patches breaking common network functionality?

Wow what a wall of rants. I am happy that we have the dashboard but would like to join the following points

Claim 1: updates should not need any restarts

Reality check:  it is there but only for Windows Server 2022 Azure Edition, all other do not support hotpatching. Not even Azure Stack HCI 21H2 - yet - where it would be even more useful as on a VM that will never see an UEFI POST. 

Proposal: please elaborate why this is a feature reserved for a special edition of an OS. You achieved important things with enablement packages and made these achievements available for all modern OS. This should be a target for Windows 10 / 11 with the next release.

Claim 2: Updates consumes too many resources

reality check: the main issue I have with updates in the background that they are taking too many resources for a long period of time.
This is because the servicing (dism) runs with low priority and there is no user or GPO option to adjust it. It is a bad design. While the idea is to prevent users noticing the update process, the process takes a long time even on the most powerful machines. Have you recently seen how long a 4 core VM needs to install the 12-2021 CU for Windows Server 2019 / GUI or core. Ofc everything better than Windows Server 2016, but the same goes with clients.

During updates the CPU is easily busy with 2 or even 4 cores. The disk is doing pretty much nothing. Please compare the installation times of Windows 7 and 8 to current Windows 10 / 11. It was way faster on the same hardware.

Proposal:

- How about to do all servicing operations in RAM and then write back to the disk when finished? (at least when there is enough free RAM).

Claim 3: When an update for 21H2 has a size of few hundred MBs nearly 650 MB x64 and 305 MB for x86. So what takes so long to unpack and apply it via dism?
tldr: speed up the update process.

Reality check:  that's an unfortunate fast, despite with every iteration of Windows the updates should become smaller, now with the enablement packages they grew in size again.

I love the enablement packages but they have some tradeoffs.

The 2004/21H1/21H2 x64 update package is nearly 100 MB bigger than the 1809 update, this even though it contains much more monthly CUs.

Proposal:
- introduce a setting in settings app and GPO / CSP to control the default priority mode of installing updates.

- try to make dism more multithreading. It is very slow even on most modern 5 GHz CPUs with lots of RAM and NVMe. It could literally take a minute or two.
we are not even talking about any security solution like Defender or 3rd party. This comes natively.

Performance References:
- pre Windows 10 versions
- Installing Windows from scratch takes less than 2 minutes on my machine, patching takes way longer, regardless the version and update size.

It is not acceptable that a system, especially ultrabooks with their 15 Watt TDP limits, needs literally ages to install cumulative updates.
I agree @A1 it is much about the CPU and specs but dism does not scale well at all.

Proposal: In a near future please recompile all Windows processes to be x64. With combined efforts we could make the next version of Windows a x64 native OS, where SysWOW64 becomes an optional feature. In theory, this would cut the OS and update size and installation time to nearly a half.

Proposal: Deploy updates with WIM or ESD, this would reduce the size due to compression and deduplication that should be more efficient than cab files. Isn't it?

When we apply an update or install Windows it would be possible (with adjustments) to apply the content of the wim / esd to the online disk and reboot to make changes effective.

Proposal: Disable System Restore on drive C by default. It is an uneccessary old tech, which produces overhead and fragmentation (even on SSDs). It recently had a security issue, MSRC adviced to disable it altogether.
However it is enabled by default and if you disable it manually to follow the MSRC, it will be re-renabled after an in-place upgrade.
It does not help in worst case scenarios anymore as the Windows registry is no longer part of the VSS snapshot.
In modern Windows OS the user can now uninstall updates without any system restore point via Windows RE, this is pretty solid.

Conclusion:
@David_Guyer@Aria Carley@A1would any of these ideas be in reach any time?
I know all my proposals sounds simple from outside. From what we see here and the feedback I agree with the one comment that we might need re-think the servicing system which seems to be unchanged (in the root) since Vista.
Sure I do not want to go back to XP where updates were nothing but cab files that overwrite existing files without any deeper logic, and most of all these were language specific. 

However if you patch a Windows XP box with a modern PC you will notice that the installation of updates, with SSDs / NVMe and CPUs scales pretty well. It is super fast, especially with System Restore disabled.

If we dare to touch this and make it better we could avoid having systems on for hours. I also agree on the factor of environment and responsiblity, even though it is "offtopic".

"No we have to regularly uninstall Updates because Microsoft doesnt test anything. 

We have now 1,5 billion active devices. What is the difference to other ecosystems like Apple? our computers are pretty much unique. So their usecase and software, drivers.

It's a curse and a gift. Microsoft simply cannot test all combinations in just 3-4 weeks of time. And it would help a lot if the people would be fine to enable optional telemetry data to help Microsoft to improve their job.

Without relevant data it's hard to fulfill this responsibility.
if we speak about #Printnightmare this is mostly a problem for months because the vendors did not update their drivers or code v4 printer drivers, available for a decade now.

Many thanks for the feedback on this blog! Based on your comments and questions thus far, I wanted to clarify a few points.

While there’s a perception taken from this post that eight hours are required for a device to successfully download, install, and reboot for updates, in reality the majority of updates start and finish in less than an hour. The six “total connected hours” (not eight) I cited in this post are based on studies that include devices that are infrequently used, often only online for a few minutes across multiple hours, have intermittent connectivity, and are often running on battery power.

Windows Update utilizes logic to identify the best time to update a device, such as when the device is plugged in or when we won’t disrupt user productivity. This can lead to the perception that updates take a while; however, in reality, the update process is often waiting for an optimal time to download and install.

Devices with insufficient update connectivity that haven't updated, but don’t have any other blocking errors, are simply not remaining connected long enough to update due to the reasons cited above. Knowing this enables organizations to choose from several options to measure overall results, or try to address those specific devices, in a way that best suits their priorities and requirements.

We want to emphasize that there’s choice and control for IT professionals and end users, and that making updates smaller and less disruptive is a top priority. Recent work in this area has been highlighted in posts discussing the 40% reduction in update size and other cumulative update improvements.

The recommendations in our guide to Optimizing Windows Update Adoption recommend using sleep settings, as opposed to full shut down or hibernate, so that a device can reboot while the user is away, while also getting the benefits of power savings and keeping the device protected and productive. IT admins can leverage sleep setting policies to manage a device’s connected state and ultimately raise the likelihood that devices are successfully updated before switching to a higher power saving policy normally used by devices in the organization.

-David

It is still not completely clear to me what we could or should derive from this data point. If computer installs update in one hour of connectivity (perfect storm, nobody using it, it is on power cord, update check just happened, it has lots of power, etc.). It will show that it had just one hour of update connectivity? From the article i would perceive that having lower number is bad. But in this case it is not. And if PC has 4 hours connectivity, maybe it is not bad, if it is updating as it should every month. I believe that there is some value to such aggregated value to maybe try to tune some policies, but it feels too vague.

Hi @David_Guyer thanks for further clarification. On my behalf I think I got the message right. My examples point out that the update process, despite the efforts in reducing size, which was great and successful you see the update Installation time takes too long. And as you said it cannot be paused and continued but needs to restart from scratch. This is valid for all updates including in-place updates to a newer release. 

I hope that my ideas help to understand to very practical part out there, home and business, old or modern update management. It's all valid for each scenario that the impact of updates and duration should be improved with my given Inspirations. 

so that a device can reboot while the user is away

This is valid in most of the cases. If a user or the system picks restart or shutdown and install updates and you use an unlock PIN for Bitlocker this concept doesn't work. It's waiting for the PIN in any case. Thankfully WinRE will shut down the system after a time when no PIN is entered. 

@Karl_Wester-Ebbinghaus

Hello

I do not expect fundamental changes in the way of updating for Windows10.

The development of Windows11 can certainly accelerate improvements in this regard.

Further advances in technology (new high-performance processors and remaining hardware) will affect the entire update process, changing the code will have less of an impact on the speed of the update. 

---

Further advances in technology (new high-performance processors and remaining hardware) will affect the entire update process, changing the code will have less of an impact on the speed of the update. 

@A1 I have to disagree strictly on that. As a Senior IT consultant and for home use, I have access to hundreds different models of computers (not exaggerating here at all) and it does not really matter what CPU and RAM you have.

Even with the latest CPUs it takes exceptionally long time for installing a Windows CU, and this on top of drastically reduced CU sizes, as compared above.
Of course, and stone-age AMD hexacore or Core2Quad will take longer. But more importantly it is done in few minutes on modern hardware.

Installing a Windows CU takes much longer than it would take to install the entire OS, as said: OS Install takes about 2 minutes on my machine applying a 5 GB WIM file.
Interestingly the .net CUs are applied relatively fast.

For Windows 11 or beyond we need to get away from this Vista+ servicing. Sure it has been improved in reliability and size but the rest seems not going with the time. 

I have made some theoretical examples how to improve it and certain brainpower should be invested into it. It would be great to discuss this in detail.

A computer does NOT need to be online for 6 or 8 hours, @David_Guyer is absolutely correct with this.
Yet the current system is insufficient. Quite the opposite the faster the hardware is (new CPU, RAM / NVMe) the more it becomes obvious that the servicing is a comparatively slow process that does not scale well on modern hardware.

If you have old hardware, even with SSD it could take 10 or even 30+ minutes to install the CU. I see this regularly happen.

I think the main point is that Microsoft does not really care how long it takes as their point of view is updates are installed without user interaction and the user should be at best neither notified nor personally impacted and the computer can do it when the device is not used and restarted etc. But that's not how it goes. This would work for enterprises where computers are online for 8+ hours and everything could fit into this timeframe. This would be great, but many computers are not online for that long. The more mobile the form factor (ultrabooks, netbooks, laptops, convertible), the shorter this time could potentially be. Why? Because they have CPU power limits and contraints on energy. 
If you run your device on power in a dock, fine but that's not something that happen outside business were a 8 hours workday applies.

For anyone that is using the PC at home be fine with 1 to 3 hours online time for most. Except you are gaming. Please keep that in mind. You basically could have the telemetry about how long home and business computers are in use and how often they are online before being rebooted or shut off or hibernated. It is all in the eventlogs.

Please also keep in mind that according to unofficial data we have 0,1 billion Windows 10 computers that are not on supported releases anymore, and it would be interesting if this is because of errors or just because they are not online long enough to complete the servicing operations of CUs, SSU and upgrades. It is sad that Microsoft does not provide own data

@Karl_Wester-Ebbinghaus

"  I think the main point is that Microsoft does not really care how long it takes as their point of view is updates are installed without user interaction and the user should be at best neither notified nor personally impacted and the computer can do it when the device is not used and restarted etc. But that's not how it goes. This would work for enterprises "

The user must know that it has started with an update and should do everything to

the process has ended correctly!  (On-powered, etc.)

A computer that will update without my knowledge is useless to me!

Of course, there are hardware limitations for laptops, but it is the user who should provide power and access to the network - Microsoft clearly reminds you of this! 

Please do not compare the installation of the system with a large system update.

" In Windows 10, you decide when and how to get the latest updates to keep your device running smoothly and securely. This article will help you find answers to your questions and troubleshoot common problems with updating Windows 10."

https://support.microsoft.com/pl-pl/windows/rozwi%C4%85zywanie-problem%C3%B3w-z-aktualizacj%C4%85-sy...

https://support.microsoft.com/pl-pl/windows/windows-update-cz%C4%99sto-zadawane-pytania-8a903416-6f4...

@David_Guyer

You have shared an incorrect link - when opening it is downloaded automatically:

433316.crdownload ( As not confirmed )

"The recommendations in our guide to Optimizing Windows Update Adoption "

Please change the link to the correct one.

I'm using Android 12 and iOS 15 at this time.

I really don't think that Windows 10/11 has any problem for getting updates comparing to Android 12 and iOS 15.

Both of those operating systems require strong internet connectivity and also continues power-on situation, which Windows 10/11 are no exceptions.

But the main difference between Windows 10/11 and Android/iOS is the quantity of updates.

My Google Pixel device receives updates once a month in the most often condition (the exact same about iOS).

But my Surface Pro as a Microsoft owned PC, receives updates much more often, at least once a week or even sometimes every 3rd day!

And the reason is so clear.

If we want to talk about Android, Google just left the x.1 or x.2 strategy since Android 9. Because they decided to set the "security patch month version" to detect if you have the latest update or not.

So you'll receive updates on your Android phone now, without changing the "Version" of it.

But iOS is just like an app! Whenever you receive any update, it'll change the "Version" of your iOS which is 15.3 now.

You won't receive update on iOS without changing the "Version" of it.

But it's totally a different case about Windows 10/11.

The current latest version of Windows 10/11 is 21H2. And it won't change even if you receive updates 100000 times until the next major update in the late spring.

It might change the Build number, but it might not!

The reason is clear.

Updates in Windows 10/11 are more in quantity because it's a PC OS.

And a PC OS which the devices using it, are so different in aspect of hardware and DRIVERS.

Yes...

If you have a Samsung Galaxy phone with Android, you're not going to receive Driver updates when Samsung wants to...

The only time you receive updates on your Galaxy, will be Google Security patches.

But imagine that you have a custom made desktop PC. In this case, your sound card manufacturer release driver updates whenever needed via Windows update, or your camera or...

Do you see?

There's a huge difference between Windows and iOS/Android.

Therefore it's so reasonable to have 10x updates for your PC during one month in compare with your phone...

If here we're talking about the behaviors and life style of users which is affecting update procedure, I should say that it's exactly the same for Windows, Android and iOS about me.

When I want to receive major updates on my Google Pixel, I prepare a strong internet connection for it, I leave its screen on, plugged in, and waiting!

This is exact same scenario for iOS and Windows.

When I want to update my iPhone from iOS 15.2 to iOS 15.3 I connect it to a strong internet connection, I turn off the automatic screen lock by inactivity, I plug it in the power cord, and I wait...

Again, this is the exact same that I do with my Surface Pro when I want to update it from 21H1 to 21H2.

But if your problem is the quantity of a Windows 10/11 PC updates, you should remember that it's a PC with weekly security and drivers updates.

Apple released iOS 15.3 only for 38 devices.

But Microsoft released Windows 10 v21H2 for millions of laptops and custom made desktop PCs, that is a "World-to-World" difference.

Don't expect to have the same experience...

@A1  agree about this. Based on feedback on twitter Aria Carley and maybe others in the team do not seem to like notifications.
When I discussed the topic about updating with people from Microsoft they said what I wrote, the lesser updates and "seamless" experience the better. Does not help at all on devices that are turned off in the middle of the TIworker.exe show.

It was not bad in XP, that there is a notification in Systray, could be more logically be a warning in Windows Security center and systray or notification (in practice mostly I see W10/11 notification aren't used, dismissed, or overseen, or silenced. This is quite bad. It is so easy to create notifications even via PowerShell. MVP solutions exist.

We had one systray notification when there are updates missing one for installation start and finish.

@erfansvsh I do not exactly see the point. I see more outdated PCs out there missing CU or even FCU (21H1,21H2 etc) than missing Android updates or iOS or even MacOS updates (macos isn't something I have to bother with often in business).

"Again, this is the exact same that I do with my Surface Pro when I want to update it from 21H1 to 21H2."

This is a very small enablement package and it is installed very fast on most PCs, older machines still take long time for some reason.
I stand with my proposals that dism / tiworker.exe is insufficient how it works and takes a lot of CPU power and ironically very few storage bandwidth.

Hi @David Guyer,

In order to boost our WUfB monthly compliance, you are pointing us to https://aka.ms/UpdateVelocity
That PDF is aiming us to set a few power policies, and additionally, also set the WU agent detection frequency to 6H instead of 22H, on low activity PCs

BUT!....

Policy CSP - Update - Windows Client Management | Microsoft Docs states….
“This policy should be enabled only when Update/UpdateServiceUrl is configured to point the device at a WSUS server rather than Microsoft Update.”

So, which of both official MS documents is telling us the true? 

Surprisingly MEM offers it under WUfB node, so....
That´s real? we could/should use it?
Even on a pure 100% WUfB environment?? 

Why does this feel like a "you are holding it wrong" moment

Instead of blaming the problem on the end user, meet them where they are and make the update process compatible with the casual user. 

We are in a climate crisis and we must save energy. So I hope we can do better than encouraging users "to leave devices plugged in and connected—instead of powering them off overnight—so that updates can download and install properly". With the millions upon millions of Windows devices, I hope there will be a better way.

I recommend this article to all those who want to take care of the green planet through their contribution:

Make Sustainability Part of Everybody's Job (microsoft.com)