Issues updating Windows Defender (KB2267602 will not install)

MEII 41 Reputation points
2022-08-03T18:58:54.52+00:00

The organization above me has rolled out the requirement for Microsoft Defender Endpoint to be used on our systems. They provided a configuration package which, from what they and I can tell, worked perfectly - all our devices report into their MDE management server. This evidently supplements the McAfee solution our organization has had us use for a few years now.

As a side effect, however, it seems like I now need to manage patching for Windows Defender. I've approved these in WSUS and it seems like KB2267602 is the one my client machines detect. Unfortunately they don't actually install - it just sticks at 0%. It doesn't ever seem to error out either - just stays at 0% eternally. If I do all the usual tricks to clear out the cache (stopping WUAUSRV, BITS, CRYPTSRV, etc) it will rescan, find it again, and continue to park at 0%.

I found some advice online that says there should be a setting in Windows Defender console to manually check for updates but I'm not seeing it - there's simply no "updates" option.

I see lots of people online have had this issue but so far nothing seems to help. Has anyone got insight on to how this can actually get installed?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,173 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,759 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rita Hu -MSFT 9,626 Reputation points
    2022-08-04T02:04:39.3+00:00

    @MEII
    Thanks for your posting on Q&A.

    Please try to follow the below link to apply the Group Policy(Define the order of source for downloading security intelligence updates) to specify the order of source for downloading security intelligence updates:
    https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-worldwide#use-group-policy-to-manage-the-update-location

    Reference picture:
    227905-24.png

    As far as I know, the devices will try to download the security intelligence updates in order.

    Hope the above will be helpful.

    Best regards,
    Rita

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Limitless Technology 39,371 Reputation points
    2022-08-05T15:28:15+00:00

    Hi there,

    If you disable the Defender temporarily are you able to push the updates via WSUS ?

    Can you try to get the update manually and see if you can install https://www.catalog.update.microsoft.com/Home.aspx them

    I hope this information helps. If you have any questions please let me know and I will be glad to help you out.

    ----------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--