Microsoft regularly publishes software updates to improve performance, security, and to deliver new features.
Warning
Each version of Defender for Endpoint on macOS is set to expire automatically after 6 months. While expired versions continue to receive security intelligence updates, we recommend that you install the latest version to get all available improvements and enhancements.
To check the expiration date, run the following command:
mdatp health --field product_expiration
To update Microsoft Defender for Endpoint on macOS, Microsoft AutoUpdate (MAU) is used. MAU checks updates periodically, and automatically downloads and installs them.
You can deploy preferences to configure how and when MAU checks for updates for the Macs in your organization.
Use msupdate
MAU includes a command-line tool, called msupdate, that is designed for IT administrators so that they have more precise control over when updates are applied. Instructions for how to use this tool can be found in Update Office for Mac by using msupdate.
In MAU, the application identifier for Microsoft Defender for Endpoint on macOS is WDAV00. To download and install the latest updates for Microsoft Defender for Endpoint on macOS, execute the following command from a Terminal window:
cd /Library/Application\ Support/Microsoft/MAU2.0/Microsoft\ AutoUpdate.app/Contents/MacOS
./msupdate --install --apps wdav00
Set preferences for Microsoft AutoUpdate
This section describes the most common preferences that can be used to configure MAU. These settings can be deployed as a configuration profile through the management console that your enterprise is using. An example of a configuration profile is shown in the following sections.
Set the channel name
For the latest information on this setting, see ChannelName.
The channel determines the type and frequency of updates that are offered through MAU. Devices in Beta can try out new features before devices in Preview and Current.
The Current channel contains the most stable version of the product.
Important
Prior to Microsoft AutoUpdate version 4.29, channels had different names:
Beta Channel was named InsiderFast (Insider Fast)
Current Channel (Preview) was named External (Insider Slow)
Current Channel was named Production
Tip
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to Beta or Preview.
Section
Value
Domain
com.microsoft.autoupdate2
Key
ChannelName
Data type
String
Possible values
Beta
Preview
Current
Warning
This setting changes the channel for all applications that are updated through Microsoft AutoUpdate. To change the channel only for Microsoft Defender for Endpoint on macOS, execute the following command after replacing [channel-name] with the desired channel:
Set to true to make the "Join the Office Insider Program..." checkbox unavailable / greyed out to users.
Section
Value
Domain
com.microsoft.autoupdate2
Key
DisableInsiderCheckbox
Data type
Boolean
Possible values
False (default)
True
Example configuration profile
The following configuration profile is used to:
Place the device in the Current channel
Automatically download and install updates
Enable the "Check for updates" button in the user interface
Allow users on the device to enroll into the Insider channels
Warning
The below configuration is an example configuration and should not be used in production without proper review of settings and tailor of configurations.
You've learned how to create a plan for your organization and how to prepare your organization, to bring its environment up to date. Now you'll learn how to help your organization to deploy an update.
Plan and execute an endpoint deployment strategy, using essential elements of modern management, co-management approaches, and Microsoft Intune integration.