Need some IT advice here. I'm planning to buy a new PC and I'm wondering, is it safe to connect a pc with an unpatched windows 10 install to the internet and download the updates regularly through the windows updater?
I heard a while ago that connecting a new PC to the internet even if you just do it to get the newest updates is a sure way to get infected, so I always updated windows offline first whenever I was reinstalling win7, which was really easy thanks to the service packs. But with win 10 you hear about so many weird update problems and all these different builds and shit that I'm worried I fuck something up if I patch it manually offline. But I don't want to get a virus either in the time it takes windows updater to download like several GB of patches.
Anyone got any experience with this?
>>310291
Windows comes up in a firewalled pre-boot-security-update mode on first boot, and downloads the security updates it needs before booting the full OS.
It's done this since the infamous XP Service Pack 2.
Just install the latest service pack edition*, and you'll be fine.
* not because you have to for security reasons, but because if you don't you'll just have to download and install it anyway.
>>310291
>I heard a while ago that connecting a new PC to the internet even if you just do it to get the newest updates is a sure way to get infected, so I always updated windows offline first whenever I was reinstalling win7, which was really easy thanks to the service packs.
You wasted your time in so many ways here.
1) you heard wrong and didn't have to do that
2) since Windows 95 it's been possible to install from media that already has the service pack applied, and you should have just done that
>>310299
>>310301
>Windows comes up in a firewalled pre-boot-security-update mode on first boot, and downloads the security updates it needs before booting the full OS.
thanks for the reply. But does this still apply for a new PC that comes with win 10 pre-installed? Technically that wouldn't be the first boot then. Or does an unpatched windows 10 version always stay in that mode until you have the security updates installed?
The idea sounds OCD and overkill. The PC should be connecting to Microsoft only. In theory, I suppose you could get infected while perusing around inside IE/Edge looking for a different internet browser or antivirus. As long as you're not clicking on suspicious links and only the official ones, you should be fine. Maybe grab an Adblocker beforehand, just to be sure. Honestly though, life is too short, even with protection you're bound to run into problems eventually.
>>310291
>I heard a while ago that connecting a new PC to the internet even if you just do it to get the newest updates is a sure way to get infected
Thats bullshit paranoia.
Just use regular updates and you'll be fine.
Make sure to make regular backups of your stuff in case something goes wrong.
You can write custom backup routines using the windows robocopy module and schedule them if needet.
Use a non permanently connected drive for backups to protect from ransomware
>>310310
If it's preinstalled by an OEM, it arrives in SLP-sealed mode, and the first time *you* turn it on is a first boot.
>>310324
No, it was a real problem. Windows 2000 and XP machines would get remotely exploited by *computers connecting to them* just by being on the internet and without you having to do anything.
>>310382
LOL
>>310382
how so? where is the threat coming from?
>>310382
those issues were on dialup
pcs behind a nat would not be affected like that...
>>310736
>https://en.wikipedia.org/wiki/Blaster_(computer_worm)
this was one of the threats, it was mostly harmless (if you dont count the bsods, i mean it wouldnt mangle your data)
>>310747
>bsod
restart*
>>310744
Well, you sure showed Microsoft's security devision.
I guess all those companies with blaster epidemics just forgot to turn their NAT on. Such silly billies.
I guess the sensible thing to do would be to take the preboot update out of Windows now, seeing as you just showed it was pointless.
How exactly does this pre-boot security update mode actually work? Like, if I buy a new pc with pre-installed windows and I boot it up for the first time just to see if everything is in order without internet connection and then I shut it down, will it no longer in pre-boot security mode on the 2nd boot? Or does it stay in that mode until it has the security update it needs no matter how many reboots?
Sorry it's probably a dumb question but I really can't find anything useful about this.
>>311201
You won't see the logon screen until it's done it.
I guess you can make it fail if you deliberately fuck with it, so maybe don't.
>>311209
What if you don't have an internet connection or you buy a new laptop and you first have to set up a wireless connection? How can you do that without getting into windows first?
>>311227
It asks you.
Like I said, you can make it fail if you deliberately try to make it fail, so don't do that.
>>311227
>What if you don't have an internet connection
Then it's skipped. It's not MANDATORY, it it's not possible, it's not possible.
If you have a device or connection you are presented the normal wireless/LAN connections menu just like if you were in the installed system, there you could then input your login.