Key Points
- Identify the Update Before Blocking: Obtain the exact KB number or driver ID so you can uninstall, hide, or block it without affecting other updates.
- Hide/Remove the Update Safely: Use Microsoft’s troubleshooter or uninstall options to suppress problematic updates and prevent immediate reinstall attempts.
- Block Driver Reinstalls with Policy Controls: Use Device Installation Settings or hardware ID–based Group Policy to prevent unwanted driver reinstalls.
- Control Auto Updates for Greater Stability: Adjust Windows Update policies to require approval before download/install, so risky patches are reviewed first.
- Verify That Suppression Works: Check Windows Update queues, Update history, and command-line output to confirm unwanted update removal.
- Document Exceptions and Update Handling Rules: Record blocked updates, rationale, and blocking method for consistent remediation and auditability.
Windows Update can sometimes push patches that are unstable, incompatible, or keep reinstalling even after you remove them. These updates may come from multiple sources, and they often persist unless you block them correctly. If they’re handled incorrectly, they can cause regressions, disrupt drivers, and annoy users by repeatedly trying to install.
This guide explains how to hide Windows updates, remove patches that are already installed, block driver reinstall attempts, and use policy controls to stop certain updates from coming back. It also lays out a workflow IT admins can use on single devices or across a fleet, along with the checks needed to confirm the unwanted update is actually suppressed.
Methods to permanently remove a suggested update in Windows Update
Windows Update could resurface unwanted patches repeatedly unless you block the specific Windows update. Before implementing these methods, be sure to fulfill these requirements:
📌 Prerequisites:
- This requires administrator access to modify, update, policy, or driver settings.
- You will need the Knowledge Base (KB) number or update identifier for the update you intend to block.
- If you manage multiple systems or apply device restrictions, you’ll need access to Group Policy.
- You will need advanced PowerShell permissions if you plan to automate removal or deploy scripts at scale.
📌 Recommended deployment strategies:
| Click to Choose a Method | 💻 Best for Individual Users | 💻💻💻 Best for Enterprises |
| Method 1: Hide a specific update via the Microsoft troubleshooter | ✓ | x |
| Method 2: Uninstall the update first, then block it | ✓ | x |
| Method 3: Block driver updates through Windows Update | ✓ | x |
| Method 4: Use Group Policy to prevent specific driver updates | x | ✓ |
| Method 5: Disable automatic update installation for more control | x | ✓ |
| Method 6: Validate that the update is blocked | ✓ | ✓ |
Method 1: Hide a specific update via the troubleshooter package
📌 Use Cases:
- This enables you to suppress a Windows Update without changing policies or removing components.
- Useful for blocking a single problematic update on individual devices during testing or incident response.
📌 Prerequisites:
- This requires the exact KB number or update name you want to hide.
- You will need local administrator rights to run the Microsoft troubleshooter package.
Steps:
- Download the Show or hide updates troubleshooter.
- Run the tool and select Hide updates when prompted.
- Pick the unwanted update from the list.
- Confirm your selection to block the update you want to restrict.
- Reopen Settings > Windows Update and verify the update no longer appears in the queue.
Method 2: Uninstall the update first, then block it
📌 Use Cases:
- Removes a problematic update that is installed before applying a block to prevent its return.
- Best when the update is causing instability, driver issues, or incompatibility after installation.
📌 Prerequisites:
- You will need the specific KB identifier of the update you plan to remove.
- This needs administrator rights to uninstall Windows Updates and run the troubleshooting package.
Steps:
- Open Settings > Windows Update > Update history.
- Select Uninstall updates.
- Locate and pick the KB you want to remove.
- After completing the uninstall, run the Show or hide updates troubleshooter and select Hide updates.
- Confirm that Windows Update no longer attempts to reinstall the removed update.
Method 3: Block driver updates through Windows Update
📌 Use Cases:
- This prevents unwanted driver updates from reinstalling after you hide or remove them.
- Ensures hardware configurations remain stable on devices that require fixed or vendor-approved drivers.
📌 Prerequisites:
- This needs administrator access to tweak Windows Update and device installation settings.
- You will need to identify the specific driver update that needs to be blocked.
Steps:
- Open Settings > Windows Update > Advanced options.
- Select Optional updates and review the list of available driver updates.
- Uncheck or avoid installing the unwanted driver update.
- Next, open Control Panel > System > Advanced system settings.
- Click the Hardware tab and select Device Installation Settings.
- Select No to prevent Windows from automatically downloading manufacturer drivers.
Method 4: Utilize Group Policy to prevent specific updates
📌 Use Cases:
- This method allows MSPs to block specific driver updates in many endpoints by targeting hardware IDs.
- Ensures device class or hardware-specific updates remain blocked consistently after reboots and policy refreshes.
⚠️ Note: This method does not block cumulative KB updates.
📌 Prerequisites:
- You will need access to the Group Policy Editor for domain-level GPO deployment.
- This requires hardware IDs for the device or driver you intend to block.
Steps:
- Open gpedit.msc.
- Next, navigate to: Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions.
- Enable Prevent installation of devices that match any of these device IDs.
- Add the hardware IDs associated with the unwanted driver update.
- Apply the policy and restart the device to enforce the restriction.
Method 5: Disable automatic update installation for more control
📌 Use Cases:
- This gives administrators full control over when updates download or install.
- Useful for fleets where updates must be reviewed, staged, or approved prior to deployment.
📌 Prerequisites:
- You will need access to the Group Policy Editor or a domain-based GPO deployment method.
- This needs an approved update workflow so technicians will know when to allow or defer installs.
Steps:
- Open gpedit.msc.
- Click: Computer Configuration > Administrative Templates > Windows Components > Windows Update > Manage end user experience.
- Enable Configure Automatic Updates.
- Next, set the option to Notify for download and auto install.
- Confirm that Windows now prompts for approval prior to downloading or installing any update.
Method 6: Validate that the update is blocked
📌 Use Cases:
- This confirms whether your chosen method for hiding updates in Windows 11 successfully prevents unwanted updates from reappearing.
- It ensures the update is neither installed nor queued, avoiding repeated remediation or conflicts.
📌 Prerequisites:
- You will need the KB number or identifier of the update you blocked.
- This requires access to Windows Update settings and basic command-line tools for verification.
Steps:
- Open Settings > Windows Update.
- Select Check for updates.
- Confirm that the unwanted update no longer appears in the list.
- Open Update history and verify that the update has not been reinstalled.
- Optionally, you can run this on the Command Prompt to confirm the update is not present: wmic qfe list.
Optionally, you can verify installed updates via PowerShell (recommended):
Get-HotFix | Where-Object HotFixID -eq "KB5000000"
Or using the legacy WMIC command (deprecated but functional):
wmic qfe list | find "KB5000000"]
⚠️ Things to look out for
| Risks | Potential Consequences | Reversals |
| The update is part of a cumulative package | It cannot be hidden individually, and Windows may automatically reinstall it. | Check whether the update is bundled in a cumulative release, and resolve the underlying issue instead of blocking it. |
| Driver updates reinstall through hardware detection | Windows may reapply the driver even after hiding it, causing prompts to appear repeatedly. | Block the driver using hardware IDs in Group Policy and disable automatic driver installation. |
| Policies or tools override your settings | MDM profiles or RMM scripts may restore the update | Audit device policies, deployment tools, and login scripts, then reapply the intended block method. |
Troubleshooting hide Windows updates issues
Use these checks to resolve common problems when attempting to suppress or block specific Windows Updates.
- Update keeps returning: Ensure it is hidden using the Microsoft troubleshooter and verify it is not required as part of the cumulative package.
- Driver updates reinstall automatically: Confirm Device Installation Settings are set to No, and ensure the hardware ID policy is set to active in Group Policy.
- Hiding tool not available: Utilize Group Policy to prevent device installations, or temporarily pause updates until a permanent block is applied.
- Update is part of a cumulative rollup: Since you cannot block individual security updates, you can resolve the underlying compatibility or stability issue instead.
- Blocked updates reappear after feature updates: Major version upgrades (e.g., 21H2 → 22H2) reset the Windows Update catalog, driver database, and metadata. Re-hide or reapply policy blocks after completing the upgrade.
Maintain stability by controlling and suppressing unwanted Windows Updates
Blocking a specific update on Windows 11 requires identifying the update, removing it if necessary, and applying the right method to prevent it from returning. By utilizing the Microsoft troubleshooter, uninstall options, and device-level controls, you can hide or suppress updates that can cause instability.
Related topics:
