ProiektHat Posted July 2, 2008 Share Posted July 2, 2008 I have blocked outbound connections that do not match a rule in windows firewall and i have been making rules according to each application....but Windows Update is blocked and the only way(i think)to allow it is to allow svchost.exe globally which seems not the best way, because svchost hosts many processes...and, i?m not sure, but it seems that WU checks for updates but can?t install those updates. Is there another way to allow WU without enabling svchost ?Or, if i am configuring windows firewall the wrong way would someone care to point the right way...third party software is not an alternativ:):) thanks a lot fellows Link to comment Share on other sites More sharing options...
jojobrown Posted July 3, 2008 Share Posted July 3, 2008 Rule based on "%SystemRoot%\System32\svchost.exe" Under the "Programs and Services" tab, Go to the "Settings" tab, select "apply to this service", select "windows update" OK. I have DNS disabled so I have a separate DNS allow rule, so your next step may vary or may be unnecessarily limiting depending on how tight you want your rules set up. So for the windows update rule, I allow tcp remote ports 80, 443. Should work, let me know if it does or if I missed something. Link to comment Share on other sites More sharing options...
ProiektHat Posted July 4, 2008 Author Share Posted July 4, 2008 thanks a lot...now i?m waiting to see if updates can be installed automatically Link to comment Share on other sites More sharing options...
Recommended Posts