Microsoft Defender Antivirus Update SCCM

Vikram Doss 51 Reputation points
2022-04-07T07:52:43.787+00:00

Dear Team,

We need to update Defender but its currently disabled via GPO and we have SCCM for patch update management.

As per the security we are advices to do the update.

Please help, do i need to enable defender first in order to update.

and also how to update defender via SCCM.

Thank you
Vikram

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,626 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,956 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Reza-Ameri 17,006 Reputation points
    2022-04-07T14:05:48.773+00:00
    1 person found this answer helpful.
    0 comments No comments

  2. Limitless Technology 39,731 Reputation points
    2022-04-13T14:42:20.97+00:00

    Hi there,

    It is not necessary that you need to update the defender in order to update it.

    Also to update defender via SCCM you can use any of several available methods to keep antimalware definitions up to date on client computers in your hierarchy.

    To update antimalware definitions, you can use one or more of the following methods:

    -Updates distributed from Configuration Manager
    -Updates distributed from Windows Server Update Services (WSUS)
    -Updates distributed from Microsoft Update
    -Updates distributed from Microsoft Malware Protection Center
    -Updates from UNC file shares

    Configure definition updates for Endpoint Protection https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definition-updates

    Use WSUS to deploy definition updates to computers that are running Windows Defender https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/deploy-definition-updates-using-wsus

    ------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

    1 person found this answer helpful.
    0 comments No comments

  3. Rita Hu -MSFT 9,641 Reputation points
    2022-04-14T04:53:04.19+00:00

    Hello Vikram Doss,

    Thanks for your effort and time to feedback on this forum. In order to help us research further, please help to describe in detail what the following means.

    Actually, in our environment Microsoft defender is disabled via GPO

    As far as I know, we did could apply the devices and get the Microsoft Defender Antivirus Updates through group policies.
    https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definitions-network

    Also we could deploy the Microsoft Defender Antivirus Updates through MECM.
    https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definitions-configmgr

    Please refer to the below screenshot to modify the default antimalware policy on the MECM console if you want to.
    192983-17.png

    Best regards,
    Rita


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments No comments

  4. Vikram Doss 51 Reputation points
    2022-04-11T06:34:19.267+00:00

    Hi Reza,

    Thank you for the details,

    Actually, in our environment Microsoft defender is disabled via GPO, can I still push version and signature updates via SCCM to clients even if its disabled.

    Regards,
    Vikram Doss


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.