Updating Windows Defender

Hram Admin 0 Reputation points
2024-08-26T08:40:41.1166667+00:00

Hello!

Would anybody please tell me how using Windows Update correlates with updaing Defender's signatures? Consider the following situation:

  1. On 23 08 2024 at 12:20 PM I access the Windows Defender log and see that the latest installed update is the update xxx....262.0 and it was installed at 11:38 AM 23 08 2024
    At the same time I open Windows Update window and see that my Windows Server wants to install the update 256.0.01
  2. I install update 256.0 in Windows Update window and check the updates history:
    04-1

Theoretically update 256.0 could be the latest update when the Windows Update was checking the signatures at 3:24 AM but in this case

Q: why does the update list above contains only update 256.0 and does not contain any other updates that can be seen in the Defender log (up to 262.0) ?

Thank you in advance,
Michael

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,911 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  3. Ian Xue (Shanghai Wicresoft Co., Ltd.) 36,166 Reputation points Microsoft Vendor
    2024-08-29T02:04:35.0766667+00:00

    Hi Hram,

    Thanks for your post. Generally speaking, Microsoft Defender Antivirus uses cloud-delivered protection (also called the Microsoft Advanced Protection Service, or MAPS) and periodically downloads dynamic security intelligence updates to provide more protection. These dynamic updates don't take the place of regular security intelligence updates via security intelligence update.

    Cloud-delivered protection is always on and requires an active connection to the Internet to function. Security intelligence updates occur on a scheduled cadence (configurable via policy). For more information, see Use Microsoft cloud-provided protection in Microsoft Defender Antivirus.

    For a list of recent security intelligence updates, see Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.

    Engine updates are included with security intelligence updates and are released on a monthly cadence.

    Reference: Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint | Microsoft Learn

    Best Regards,

    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.