I'm the sysadmin in a small company with around 70 domain computers all running Windows 10 22H2 (but it happened ever since we migrated to W10 3 years ago). We have implemented WSUS a long time ago and we are managing updates using it. Since about a couple of years ago I'm facing an issue I cannot figure out. There is something that deletes the HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate registry key and all values, so the client will no longer report to WSUS and instead update randomly through the internet.
Every now and then, I see that some computers no longer communicate with WSUS for updates, and show up as not having sent a report in a long time. When I catch them like that I can "fix" them by doing a gpupdate /force and then checking for updates; this will restore the registry keys set by the Windows Update policies. Most of the time though, I don't catch them and later on the user comes to me saying that their computer randomly updated to Windows 11 overnight or that it installed BIOS updates, and other things like that. I don't need to tell you how annoying and disruptive for the user's workflow it is to have the operating system updated for no reason, or the BIOS (on our Dell laptops, updating the BIOS takes literally 20 minutes and sometimes it messes with BitLocker so they have to come to me for the BitLocker recovery keys).
Anyway, I found a couple of posts with the same issue, one is here:
https://social.technet.microsoft.com/Forums/windows/en-US/d98fb3a1-1e6d-4f1d-a5ca-b66a98e02550/hkeylocalmachinesoftwarepoliciesmicrosoftwindowswindowsupdateau-missing-after-restart?forum=winserverwsus
Another one:
https://community.spiceworks.com/topic/2027489-wsus-registry-keys-randomly-removed-from-domain-laptop#
Unfortunately, none of them contain any solution or useful information, but the issue is literally the same as those guys'.
I have literally no idea what could be causing this, and lately it has been happening over and over on random laptops and desktops all over the company. I swear every week I have some random colleague waiting for me in the morning because their computer is locked by BitLocker due to a random BIOS update, or telling me how cool Windows 11 is but we should have informed them the update was coming, or some other bs like that. Hell, it even happened on my own desktop workstation and I have literally no idea wtf caused it because during the holidays I was alone in the company running backups and fixing stuff, so all I was doing on the computer was browsing the internet. I didn't touch the servers, I didn't install anything, I only turned on my computer to pass the time while backups were running, and out of nowhere I had a BIOS update queued after reboot and a notification about installing Windows 11.
I really hope someone can help me because this thing is driving me insane. Thanks in advance.
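
An added example, not part of the original post: a PowerShell check that records whether the policy key from the post is still present and, if it is not, applies the gpupdate repair the post describes. The log path, function names and the choice of WUServer and AU\UseWUServer as health indicators are assumptions; it does not trigger an update scan.

```powershell
# Added example, not part of the original post. Run elevated (e.g. as a
# scheduled task under SYSTEM) on a domain client.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'  # key named in the post
$LogFile   = 'C:\ProgramData\WsusPolicyCheck\check.csv'                 # assumed log location

function Get-WsusPolicyState {
    # Snapshot of the policy key. WUServer and AU\UseWUServer are the standard
    # WSUS policy values; that this GPO sets them is an assumption.
    $wu = Get-ItemProperty -Path $PolicyKey -ErrorAction SilentlyContinue
    $au = Get-ItemProperty -Path "$PolicyKey\AU" -ErrorAction SilentlyContinue
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    [pscustomobject]@{
        Time        = (Get-Date).ToString('s')
        Computer    = $env:COMPUTERNAME
        LastBoot    = $os.LastBootUpTime.ToString('s')
        KeyPresent  = Test-Path -Path $PolicyKey
        WUServer    = $wu.WUServer
        UseWUServer = $au.UseWUServer
    }
}

function Test-WsusPolicyState ($State) {
    # Healthy means: key exists, a WSUS URL is set, and the client is told to use it.
    [bool]($State.KeyPresent -and $State.WUServer -and ($State.UseWUServer -eq 1))
}

$before   = Get-WsusPolicyState
$healthy  = Test-WsusPolicyState $before
$restored = $null

if (-not $healthy) {
    # Same repair as in the post: re-apply computer policy, then re-check.
    gpupdate.exe /target:computer /force | Out-Null
    $restored = Test-WsusPolicyState (Get-WsusPolicyState)
}

# Append one row per run so the time window of the deletion can be narrowed
# down and compared with reboots, logons or software installs.
$row = $before | Select-Object *, @{n='Healthy';e={$healthy}}, @{n='RestoredByGpupdate';e={$restored}}
New-Item -ItemType Directory -Path (Split-Path -Path $LogFile) -Force | Out-Null
$row | Export-Csv -Path $LogFile -Append -NoTypeInformation
$row
```

Run at a short interval, the CSV shows the last healthy and first unhealthy timestamp per machine, which bounds when the key was removed.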