Share via

Windows Defender not updating on windows 10 device via Configuration manager

Ashik Shaik 1 Reputation point
2020-11-11T14:21:12.023+00:00

I have two devices which are not updating with latest Defender signatures, both the devices have different issue.

  1. First device have Antimalware Policy update failure with a error code 0X80004005

I have tried to run the Gpupdate but failed and ran sfc/scannow -completed with error. Restarted the device and checked not update, checked for update still not updated.

  1. Second device Antimalware Policy update, but defender is not getting updated. Restarted the device , Gpupdate Success, clicked on Check for update still the device not updated, could some one help to fix this issue.
Microsoft Security | Intune | Configuration Manager | Updates
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Youssef Saad 3,416 Reputation points
    2020-11-11T21:27:22.093+00:00

    Hi @Ashik Shaik ,

    How do you deploy SCEP/Windows Defender software updates? Using ADR or manually ?

    1. 0X80004005 is a generic error code, you have to investigate more in software updates log files:
      • WUAHandler.log
      • UpdatesStore.log
      • UpdatesDeployment.log
      • EndpointProtectionAgent.log

    Gpupdate has nothing with Endpoint protection updates, It updates just the policies applied to the machine/user from Active Directory.
    If there is an issue on SFC scan command, you have to fix it first.

    1. Check also the above log files for more details.

    Regards,

    Youssef Saad | Blog | LinkedIn | Twitter
    Please **remember to “Accept answer” ** for useful answers, thank you!

    0 comments
  2. AllenLiu-MSFT 49,316 Reputation points Microsoft External Staff
    2020-11-12T03:02:48.093+00:00

    @Ashik Shaik
    Thank you for posting in Microsoft Q&A forum.
    You may check below article for common issue of Windows Defender or Endpoint Protection client to see if it helps:
    https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/troubleshoot-endpoint-client

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  3. Vaigundla Ravi Kiran 1 Reputation point
    2020-11-12T14:46:51.283+00:00

    Hi
    Thank you For posting Microsoft QA
    please check the Logs
    %windir%\temp\MpCmdRun.log
    %windir%\temp\MpSigStub.log
    please check the Wuhandler.log might this issue is as per my knowledge please go to the Software Distribution Folder please remove the Datastore.edb and try it may be WMI name space issue please check the WMI explorer tool

    Thank You

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.