The managing update in SCCM for Microsoft Defender is similar to updating other products, you may take a look at:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus
https://learn.microsoft.com/en-us/mem/configmgr/sum/understand/software-updates-introduction
Microsoft Defender Antivirus Update SCCM
Dear Team,
We need to update Defender but its currently disabled via GPO and we have SCCM for patch update management.
As per the security we are advices to do the update.
Please help, do i need to enable defender first in order to update.
and also how to update defender via SCCM.
Thank you
Vikram
4 answers
Sort by: Most helpful
-
Reza-Ameri 17,006 Reputation points
2022-04-07T14:05:48.773+00:00 -
Limitless Technology 39,731 Reputation points
2022-04-13T14:42:20.97+00:00 Hi there,
It is not necessary that you need to update the defender in order to update it.
Also to update defender via SCCM you can use any of several available methods to keep antimalware definitions up to date on client computers in your hierarchy.
To update antimalware definitions, you can use one or more of the following methods:
-Updates distributed from Configuration Manager
-Updates distributed from Windows Server Update Services (WSUS)
-Updates distributed from Microsoft Update
-Updates distributed from Microsoft Malware Protection Center
-Updates from UNC file sharesConfigure definition updates for Endpoint Protection https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definition-updates
Use WSUS to deploy definition updates to computers that are running Windows Defender https://learn.microsoft.com/en-us/troubleshoot/mem/configmgr/deploy-definition-updates-using-wsus
------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer–
-
Rita Hu -MSFT 9,641 Reputation points
2022-04-14T04:53:04.19+00:00 Hello Vikram Doss,
Thanks for your effort and time to feedback on this forum. In order to help us research further, please help to describe in detail what the following means.
Actually, in our environment Microsoft defender is disabled via GPO
As far as I know, we did could apply the devices and get the Microsoft Defender Antivirus Updates through group policies.
https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definitions-networkAlso we could deploy the Microsoft Defender Antivirus Updates through MECM.
https://learn.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definitions-configmgrPlease refer to the below screenshot to modify the default antimalware policy on the MECM console if you want to.
Best regards,
Rita
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. -
Vikram Doss 51 Reputation points
2022-04-11T06:34:19.267+00:00 Hi Reza,
Thank you for the details,
Actually, in our environment Microsoft defender is disabled via GPO, can I still push version and signature updates via SCCM to clients even if its disabled.
Regards,
Vikram Doss