Hey UEMDev,
Thank you for the reply..
Yes we did try this in the policy of the local machine (gpedit.msc) but my guess is that it is more than 365 days ago that 1703 has been released en thus can't be deferred anymore.
The way Microsoft is pushing updates has a lot of similarities with how spyware and addware works. It just bypasses all policies and services and just installs itself.
I did found out that it also creates 2 folders in c:\Windows which is called UpdateAssistent (and UpdateAssistentV2) which holds the XML files for the task and the actual executable that is being executed.
We have now removed both folders and hopefully they won't come back again but to be honest my gut feeling says they will return.
Because we do have UEM running and I have heard about white and black listing I thought this might just be an option.
Maybe something to implement as a default option?? If you look at the internet about the aggressive way of Microsoft updating this might well be a definitive solution to stop it.
The worst thing is that when you look at the page (https://support.microsoft.com/nl-nl/help/3159635/windows-10-update-assistant ) it actually states that (I know you are Dutch 
) Opmerking Dit hulpprogramma ondersteunt geen Enterprise-edities. and yes, we do run enterprise edition.
We can't be the only one struggling with this right? We also have quite some physical machines that have the exact same issue..
And just upgrading to 1709 isn't an option for us with over 1500 VDI machines.....
Really appreciate the help as this is not a UEM issue but we are seriously looking at just blocking it using UEM!
Woops sorry.. ..
Looking at the guys responding here we could start our own Dutch forum ...
If you can identify the executable that's responsible for this, and if that executable runs as the logged-on user, you might give UEM's application blocking a try. However, depending on how that executable is launched, that might result in some error dialogs ("This program is blocked by group policy. For more information, contact your system administrator.", or something along those lines) that might be confusing to your users.
The executable runs as system, I would be able to explain the dialogs to the user but I didn't know that UEM could only block executables executed by the user (or at least under the users access token).We were eventually able to remove the entire folder but my guess is that it will eventually pop up again because Microsoft really really really wants you to upgrade to 1709 (or whatever verison is coming next). I do hope they will change this behaviour. Looking at VDI in combination with W10 it is starting to become more and more complicated to get this working..
Thanks for the info but I did use that tool already. The thing is that the wushowhide tool only blocks the update from being installed through Windows Update. We already disable and block that service but apparently according to Microsoft this isn't even enough to block the Windows Update Assistent.
I removed the application, the tasks and the folders in Windows and for as far as I can see know at least it stopped forming me to upgrade to 1709 but to be honest I have no idea if we can block it from still coming in.
Hence the idea to just block it with UEM. My guess is that using Windows GPO's won't do the trick in blocking this application..
Even though it seems to be "fixed" for now I am still very interested in tips and trics how others try to block these updates.. Linux is more and more becoming a viable solution ...