Hello, Jeff “The Dude” Stokes here for an installment on a very important topic. Why should I not disable the task scheduler in Windows?
Long, long ago in the annals of IT history, the Task Scheduler was a poorly understood component of Windows. “What does it do?” We’d wonder…
Fast forward to today and now, the Task Scheduler is still a poorly understood component of Windows. “What does it do and why can’t I disable it to be secure?” We ask…
We have heard about some changes in Vista and Windows 7 regarding the task scheduler, but really, why not disable the dang thing to be more secure or increase system performance?
Because disabling the task scheduler does not make your system more secure, nor does it increase system performance. In fact, it makes your system less secure in Windows 8, and in Windows 7 and 8 makes performance worse, especially over time.
In Windows 7 the Task Scheduler is responsible for background health and cleaning processes such as optimizing prefetch and readyboot for instance. It also handles light defragmentation runs on the system.
In Windows 8, it’s even more important. It optimizes the start menu…
What else? File History is task scheduler based.
Bluetooth device cleanup (when you unpair a device)
Cleaning up Application Temporary Files as well
How about making sure the file system is healthy? Yeah that’s a task, too.
Run RAID sets on your machine? You’ll want task scheduler.
How about Windows Updates?
So let’s leave the Task Scheduler Service alone in our quest for security hardening and go pick on more interesting things like Anti-Virus and Data Loss Prevention kits.
So remember, Relax, don’t do it. Don’t disable the task scheduler!
For more information on the Task Scheduler see below:
Task Scheduler Changes in Windows Vista and Windows Server 2008 – Part One http://blogs.technet.com/b/askperf/archive/2008/06/24/task-scheduler-changes-in-windows-vista-and-windows-server-2008-part-one.aspx
Task Scheduler Changes in Windows Vista and Windows Server 2008 – Part Two http://blogs.technet.com/b/askperf/archive/2008/10/10/task-scheduler-changes-in-windows-vista-and-windows-server-2008-part-two.aspx
Task Scheduler Changes in Windows Vista and Windows Server 2008 – Part Three http://blogs.technet.com/b/askperf/archive/2009/03/17/task-scheduler-changes-in-windows-vista-and-windows-server-2008-part-three.aspx
Two Minute Drill - Quickly test Task Scheduler http://blogs.technet.com/b/askperf/archive/2011/06/10/two-minute-drill-quickly-test-task-scheduler.aspx
What’s New in Task Scheduler for Windows 8 & Server 2012 http://blogs.technet.com/b/askperf/archive/2013/07/05/what-s-new-in-task-scheduler-for-windows-8-amp-server-2012.aspx
Update 11/3/2013 -Mark Morowczynski
How To Configure Clustered Tasks with Windows Server 2012
Jeff “The Dude” Stokes
Has Microsoft ever published *technical* documentation on *all* the tasks that ship with Windows? What does each task do, why does it run when it does, and what really happens if it doesn't run. "Don't touch this -- trust us" doesn't count as documentation :-)
Not that I am aware of no. This falls back to us not being able to document every individual item a customer may chose to do and the consequences of doing so. We can't write / document the permutations of how our product fails or would fail when someone does X to it.
To put it succinctly, Windows is tested and shipped with this service enabled by default and we KNOW there are lots of bad things that can happen if its turned off, but the hows and whys depend on how you are using Windows in your environment. I know to some it sounds like a cop-out to some extent. But this blog post is a best effort "Don't do this, you'll shoot yourself in the foot" type of thing. You know?
Would it be nice to know every task and what it does? Yeah honestly in my opinion, I think it would. But its going to change with the next release of Windows to some extent, and maybe with hotfixes / product installs (including 3rd party), etc. So it would be a bear and is it worth that colossal effort? Everything documentation wise hits a decision matrix akin to above at some point I imagine.
Task Scheduler is used not only by Microsoft products and tools (also a part of Windows), but also by many third party programs. Therefore disabling Task Scheduler does impact the performance of Windows.
I think we're on the same page with your comment. Good point on third party products relying on it as well, good point.
There are a lot of good reasons to disable the built in Task Scheduler. In the past 3 months, TS on my box has turned to trash (even though my box has a recent refresh of win7). My box got ejected from the domain and we had to re-enter it. This caused Task Scheduler (and hence, me) a lot of grief. Thus, I just disabled it because I am exhausted of fighting with windows every day. Instead, I wrote my own Task Scheduler to run as a service. It is 70% as full featured as the windows Task Scheduler. But, mine has custom email alerts, logging, AND it works every time. It also does not require the absurd domain creds to run on a local box.
Say Steve, could you expand upon that perhaps? How exactly was it trashed, does your environment have the task scheduler proactively patched, like support.microsoft.com/.../2698800, perhaps? What were the exact symptoms? SP1 or SP0? Was a support case opened? Please email me the details at email@example.com if you would be so kind. Since my primary role is to support enterprise clients and this is the first I've heard of a case like this, obviously I'm interested.
Well, while I agree with the title, "Because disabling the task scheduler does not make your system more secure" is not very precise... Don't you remember conficker?
Petar, I don't recall taskhost being a vector for Conficker, although I am not a malware expert.
Autoplay I think was what you are getting at? Or am I missing your point. We don't recommend folks attempt to make a system more secure by disabling core components of Windows, but by sticking to well known and proven solutions. blogs.technet.com/.../sticking-with-well-known-and-proven-solutions.aspx
The article focuses on Windows client - a short side note regarding Windows Server: as long as the Task Scheduler Services on Windows Server 2012 (\Microsoft\Windows\TaskScheduler\Regular Maintenance and \Microsoft\Windows\TaskScheduler\Maintenance Configurator) lead to server reboots at 3am every day after an Windows update is detected (and even worse: 15 minutes after an admin logs in if the server was not restarted after 3 days), all the valid and good arguments fall on deaf ears for sysadmins not wanting to adjust to a - IMHO - broken server maintenance model. KB2885694 helps along the way, but why break the system in the first place?