Update: The modern, unified Microsoft Defender for Endpoint solution for Windows Server 2012 R2 and Windows Server 2016 is now generally available as of April 11th, 2022.
Ensure you apply the l...
Edit: I am pleased to report this was resolved by installing KB5005292 version 10.8048.22439.1065
I'm sharing this in case anyone else has experienced the same problem with MD4WS (Public Preview) on Windows Server 2012 R2.
After Windows Updates (deployed from WSUS) have applied and the server reboots, it hangs on "Shutting down service: Windows Module Installer". I left one server for days. After force rebooting, the server will uninstall updates and then try again, and again. Eventually all updates will install and the server will successfully reboot. I will have to wait until next month to see if it happens again.
I am mid way through deploying MDE to around 500 Windows Servers as follows:
2008 = SCEP only (MDE is not supported)
2008 R2 = SCEP + MMA
2012 = SCEP only (MDE is not supported)
2012 R2 = MD4WS + WDATP (replacing SCEP + MMA)
2016 = WD (Built in) + WDATP
2019 = WDAV+ATP (Built in)
2022 = MDAV+ATP (Built in)
I have 70 2012 R2 servers that have MD4WS installed and they all hang on patching. I have another 80 almost identical 2012 R2 servers that have 3rd party AV or SCEP installed and none of them hang on patching, neither do any of the other Windows Server versions.
I have the following exclusions applied by GPO to the 2012 R2 servers: