Update MpCmdRun.exe

Question

How do i replace the MpCmdRun.exe on windows core and no internet access.
the definitions are up-to-date

Microsoft Windows Defender Elevation of Privilege Vulnerability (CVE-2020-1163 & CVE-2020-1170)

• An antimalware application installed on the remote host is affected by an elevation of privilege vulnerability.

• Enable automatic updates to update the scan engine for the relevant antimalware applications. Refer to Knowledge Base Article 2510781 for information on how to verify that MMPE has been updated.

Path : C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\
Fixed version : 4.18.2005.1

Answer 1

Please use the PowerShell command Update-MpSignature as an administrator to update the antimalware definitions.
OR
Also, you can use the below mentioned link to download the update.
• x86 - https://go.microsoft.com/fwlink/?linkid=870379&arch=x86
• x64 - https://go.microsoft.com/fwlink/?linkid=870379&arch=x64

Answer 2

Hi,
If the machine could not connect internet. We could download the Windows Defender update offline. Then install update manually.
Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware
https://www.microsoft.com/en-us/wdsi/defenderupdates#:~:text=Microsoft%20Defender%20Antivirus%20and%20other%20Microsoft%20antimalware%20solutions%20provide%20a,check%20for%20the%20latest%20updates.
How to install update manually in Windows Server Core.
https://learn.microsoft.com/en-us/windows-server/administration/server-core/server-core-servicing
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl

Answer 3

Path : C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\
Installed version : 4.18.1911.3
Fixed version : 4.18.2005.1

Answer 4

i have same experience, : C:\Program Files\Windows Defender\ Installed version : 4.10.14393.4651 Fixed version : 4.18.2005.1 it is server 2016 and it has no internet connection. i follow up the instructions but no effect the version.