how to update Microsoft Defender

Topic

New Reply

I turned on updates today per MS-DEFCON 4. Two of the updates were definition files for Microsoft Defender… oops.

Is there a way to delay Windows updates but still get Defender definition files? What am I missing here?

 

Reply | Quote

Replies

Defender should update automatically, unless you have set your network to “metered”.

I run a scheduled task to update:
%comspec% /c start "" /min "C:\Program Files\Windows Defender\MpCmdRun.exe" -SignatureUpdate

Alternatively, download and run WuMgr, search for updates and select only the Defender updates.

cheers, Paul

3 users thanked author for this post.

SB9K, BATcher, wavy

Reply | Quote

Paul how does that get entered into the scheduler ? Where does the comspec go?
-SignatureUpdate goes is parameters?

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

comspec is the command, everything else is parameters.

cheers, Paul

1 user thanked author for this post.

wavy

Reply | Quote

Thanks, Paul. I understand it “should,” but as seen from my screen shot, it doesn’t.

I will try your update via scheduler. How do I know it has been successful? Is it one of those “set it and leave it?”

Reply | Quote

Check the task has run successfully – result = 0x0.
Under Windows Security > Virus & threat protection, check the last update time matches the task run time.

cheers, Paul

Reply | Quote

As far as I can tell, setting your network to ‘metered’ only affects the Delivery Optimisation service, not the Background Intelligent Transfer Service (BITS) which Microsoft Defender falls back to when the default Delivery Optimisation service is not available/throttled.

I believe Defender definition updates have a privilege over and above Defender engine updates. The former appear to be prioritised whilst the latter are held in abeyance until throttling is disengaged.

I could be wrong but, when I was playing around with denying Windows Updates using Windows Update Blocker, I’ve seen Defender definition updates actually update when I wasn’t expecting them to. YMMV

(Is it Microsoft Defender or Windows Defender this week… or just Defender? I admit that I don’t keep up with the constant name changes.)

Reply | Quote

Rick Corbett wrote:

(Is it Microsoft Defender or Windows Defender this week… or just Defender? I admit that I don’t keep up with the constant name changes.)

It’s been Microsoft Defender for four years:

Windows Defender Gets a New Name: Microsoft Defender

Reply | Quote

It’s still called ‘Windows Defender’ in Win8.1 and has been for longer than four years

Windows - commercial by definition and now function...

Reply | Quote

Where mainstream support ended more than five years ago.

Reply | Quote

b wrote:

It’s been Microsoft Defender for four years:

I don’t work for Microsoft, so didn’t get the memo… but I’ll try to remember.

Reply | Quote

My experience is that Defender doesn’t update reliably if you are “metered”, thus the daily scheduled task.

cheers, Paul

Reply | Quote

Rick Corbett wrote:

I could be wrong but, when I was playing around with denying Windows Updates using Windows Update Blocker, I’ve seen Defender definition updates actually update when I wasn’t expecting them to.

Windows 10 Pro 22H2: I use Kaspersky A/V so Defender is “disabled”.
Windows update is set to “Notify = 2” and 7 days update deferral.

Although Defender is disabled I set it to scheduled for quick scans .

Regarding Defender updates, I get a daily notification for “some updates need your attention” for KB2267602 which I run manually.

Reply | Quote

Defender update notification

Reply | Quote

When I postpone my Windows update (Win 10 Home), I don’t get any notifications, not even for Defender. How do you get those notifications?

Reply | Quote

I am on Pro version with Notify=2.

Reply | Quote

FWIW I’ve noticed Defender Updating behavior as follows:
Main Daily Def Updates – take immediate priority.
Delta Def Updates – can sit accumulating until included in a Main Daily Def Update,

unless prompted by the user to manually update in-between the Main Daily Def Updates.

Windows - commercial by definition and now function...

Reply | Quote

Paul T wrote:

My experience is that Defender doesn’t update reliably if you are “metered”, thus the daily scheduled task.

Delivery Optimisation is designed to hold back on metered connections, but will fall back to BITS when needed.

BITS is much ‘dumber’… but will always still pass on updates that Microsoft deems as either ‘important’ (like defininition updates) or ‘critical’ (like known breaches).

This has come up time and time again.

If Microsoft deems a threat to be ‘critical’ (i.e. a higher priority level than ‘important’) then it will just ignore ALL your patches/policies/protections and do what it wants irrespective of your wishes… ‘cos that’s the power of Microsoft’s remotely-triggered, built-in TrustedInstaller account.

TrustedInstaller will stomp over *all* in-place protections… which you probably had no idea was possible.

Hope this helps…

Reply | Quote

I have set GP to notify, but not install and also defer Windows Updates I think 21 days  – maybe more to wait for Susan’s go aheads. That works as expected and well. BUT, I get Defender update notifications DAILY.

I always accept them.  So it seems that scenario has not beeen covered. I am not set to metered. I use another AntiVirus so Defender is set to occasional scan which it does and works well alongside ESET.

I’d love to automate the Defender updates while keeping the other settings.

 

 

1 user thanked author for this post.

SkipH

Reply | Quote

You can use my scheduled update regardless of having eset. Then you won’t get the manual update prompts from Defender.

cheers, Paul

Reply | Quote