I’m curious how Defender users are getting definition updates.
My home systems aren’t connected to any central update servers. I have Windows Update set to “Notify”, as I suspect most of you have. I’d be willing to let Defender install updates automatically, but I haven’t found any way to specify a setting just for Defender. So that’s not an option, as far as I can tell.
I could use Windows Update and download them, but the signatures are updated frequently and I don’t want to be constantly be going to Windows Update. Plus, there are often other updates on the list that I don’t want to download. So I discarded that alternative.
So, I’ve set up a scheduled task that runs “MpCmdRun.exe -SignatureUpdate” overnight, and it works well. It pops up a command window when it executes, but that’s no problem as I’m rarely awake when it happens.
I still get annoying Windows Update notifications for them, though, so I’m trying to get rid of them. I tried wushowhide’ing the KB article, but that doesn’t work.
There are a couple of policy settings under Windows Defender Update – Security Intelligence Updates that presumably control the time of day and interval that these checks are made. I’m trying to get that set up so that it checks shortly after I run my task.
But this is an awful lot of trouble for what should be a simple task. Have I missed the simple solution? Surely there are lots of folks using Defender with Windows Update set for Notify. How are you guys doing this?
