[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Windows 10 uses YOUR computer to help distribute itself

Published on
17,880 Points
51 Endorsements
Last Modified:
Community Pick
Joe Winograd, Fellow&MVE
50+ years in computer industry. Everything from development to sales. CIO. Document imaging. EE MVE 2015, EE MVE 2016, EE FELLOW 2017.
In a recent article here at Experts Exchange, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to running Nuance's PaperPort 14.5. I received a private message from a fellow PaperPort user who read the article asking me if I'm aware that Windows 10 is using my computer to help distribute itself. I was not aware of it!

Perhaps I missed this during my nine-month experimentation with the W10 Technical Preview, or maybe Microsoft added that feature only in the official release (Build 10240), but when I checked it out, it is true. I was very surprised to find that W10 is, in essence, using my PC as a peer-to-peer server in distributing updates and apps, and I figured that other Experts Exchange members may also not be aware of it. So I decided to write this article, which also shows how to disable it.

Sidebar:  During the article review process, an EE Page Editor (MASQ) pointed out that this feature was introduced in March with Build 10036 — I did, indeed, miss it! My thanks to MASQ for this information, and for providing a link to Leaked Windows 10 build hints at peer-to-peer patching, an interesting article about it in The Register.

First, I'll explain how to find the feature (the screenshots in this article are from Version 10.0, Build 10240, created via an automatic update from the Technical Preview version of the Windows Insider Program):

Start menu
Update & security
Windows Update
Advanced options
Choose how updates are delivered

After those steps, you will get this dialog:

As you can see, the default is On for downloading Windows updates and apps from other computers, and for using your computer to send Windows updates and apps to other computers — and there's an option for those other computers to be only on your local network or, believe it or not, on the Internet!

Note the Learn More link in the screenshot above. It takes you to a page with the clever title of Windows Update Delivery Optimization: FAQ. So Microsoft is telling us that

Windows Update Delivery Optimization lets you get Windows updates and Windows Store apps from sources in addition to Microsoft. This can help you get updates and apps more quickly if you have a limited or unreliable Internet connection. And if you own more than one PC, it can reduce the amount of Internet bandwidth needed to keep all of your PCs up-to-date. Delivery Optimization also sends updates and apps from your PC to other PCs on your local network or PCs on the Internet.
This also confirms what I observed above, namely, that the so-called Delivery Optimization setting defaults to On — and for all editions of W10! There is, however, one important difference in the various W10 editions, i.e., Enterprise and Education have only the local network option on by default, while all other W10 editions have your local network and PCs on the Internet on by default.

Disabling it is a simple matter of clicking the blue On button, which toggles it to Off:

Or you may leave it on, but tick the PCs on my local network radio button rather than the PCs on my local network, and PCs on the Internet radio button.

I'm not going to weigh in on the merits of this feature. Since learning about it, I've read many opinions on the web, and perhaps this article will spur a lively discussion here at EE. Some folks are worried about getting malware on their PCs from this feature, other folks say that it is not possible to do so. Some folks like the idea that they are not totally dependent on the (possibly slow and bogged down) Microsoft servers for updates and apps, while others say that it is not worth the hit to their own network bandwidth. Interesting food for thought.

If you find this article to be helpful, please click the thumbs-up icon below. This lets me know what is valuable for EE members and provides direction for future articles. Thanks very much! Regards, Joe
LVL 62

Author Comment

by:Joe Winograd, Fellow&MVE
I recently received the following private message (trimmed):
Whoa! I just upgraded to Win10 and had no idea that it is doing this. Thank you very much for the article. You briefly mentioned getting malware on the PC from this, due to unknown sources on the Internet. Can you tell me more about that? How big is the risk?
The reader did not want to post the question himself, but he gave me permission to post it on his behalf (as long as I didn't mention his name). This was my reply to him (also trimmed):
I am not an expert in the technology being used for what is now going by the acronym WUDO (Windows Update Delivery Optimization). I do know that it is a torrent-like, peer-to-peer capability that uses a manifest, which is a cryptographically-signed list (hence, supposedly secure) of all the files being delivered. The conventional wisdom (which I obtained, of course, on the web) seems to be that the manifest is secure, unable to be compromised by the bad folks. But others are skeptical, pointing out that some bad folks are extremely smart!

Thanks for your permission to post this at Experts Exchange (I will not use your name). There are certainly experts at EE who know a lot about security/malware issues. Let's hope they jump in to share their knowledge.
So, any experts out there willing to provide your thoughts on this? Thanks, Joe
LVL 32

Expert Comment

by:Thomas Zucker-Scharff
This is just my opinion, so please take it as such.  Although I am not a "Security Expert" it is what I do a lot of.  Windows 10 has some particular problems when it comes to security.  Some of which Joe has addressed.  II highly recommend editing the privacy settings and registry to lock Windows 10 down.  by far the easiest way to do this is to use a program like DoNotSpy10, but beware, it carries a payload of adware.  Read my article before trying to download or install (do not try to download with the edge browser).

I generally do not trust torrents, nor any peer to peer clients.  I would disable this feature and, as Joe said, only trust the computers on your local network at best (even that may be chancy).  There is a trend towards building in more "spy" features on all internet capable devices (many of the new Samsung SmartHub TVs have a hidden camera that can be turned on remotely and the 40+ page EULA for SmartHub says explicity that Samsung may collect audio and visual feeds from your television).

So lock everything down and then some.

Expert Comment

by:Pat Clancy
As far as I'm concerned as soon as you tell someone (particularly the bad someone) that they can't do something such as finding a hole in a system you know they're going to try. Remember when Microsoft said that Windows 7 was the most secure ever? Then of course windows 8 was even more secure.

I think that if someone or something created the manifest then no doubt someone or something will be able to figure out how to break into it.

Thank you for the article I would recommend to all my clients to turn that little feature off.

I agree lock everything down.
Make Network Traffic Fast and Furious with SD-WAN

Software-defined WAN (SD-WAN) is a technology that determines the most effective way to route traffic to and from datacenter sites. Register for the webinar today to learn how your business can benefit from SD-WAN!

LVL 62

Author Comment

by:Joe Winograd, Fellow&MVE
Tom and Pat,
Thanks to both of you for those comments — good stuff! Regards, Joe

Expert Comment

So, does turning off WUDO "Updates From More Than One Place" stop my system from distributing Windows 10 and updates?  Or, just stop it from getting updates from unknown sources?
LVL 62

Author Comment

by:Joe Winograd, Fellow&MVE
Hi MtHolly,
Turning it off does both — (1) stops your system from getting updates and apps from other PCs (meaning it gets them just from Microsoft) and (2) stops your system from distributing/sending updates and apps to other PCs. Regards, Joe

Featured Post

Make Network Traffic Fast and Furious with SD-WAN

Software-defined WAN (SD-WAN) is a technology that determines the most effective way to route traffic to and from datacenter sites. Register for the webinar today to learn how your business can benefit from SD-WAN!

Join & Write a Comment

How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month