GinaKomoroske Duncan_Clay
Hi,
Circling back on this. We have found a difference in behavior on Windows Server 2012 R2 vs 2016: Defender does not perform an automated daily security intelligence update when Windows Update is configured to anything other than the default “Install updates automatically (recommended)” - it respects the WU configuration (and there is no patch management solution scheduling/applying updates to modify this behavior). On Windows Server 2016 and later, Defender will check for and apply security intelligence updates daily.
The expectation is for the fix to roll out broadly with the next platform update (KB4052623), November release 4.18.2111.X with an ETA of mid-December.
If you would like to test earlier, you can consider setting a/some machines to participate in Beta (current phase) or Preview channels for gradual rollout of the platform update:
Set-MpPreference -PlatformUpdatesChannel Beta
(revert the change to default with Remove-MpPreference -PlatformUpdatesChannel)
More information on configuring your own gradual rollout at Create a custom gradual rollout process for Microsoft Defender updates | Microsoft Docs.
Update: this fix has been live since mid-December, please update! GinaKomoroske.
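
One way to check whether a server has picked up the fixed platform release and is receiving daily security intelligence, as an added example that is not part of the original post. The function name, the 4.18.2111.0 floor used to stand for "4.18.2111.X", the one-day age threshold and the sample objects are assumptions made for illustration.

```powershell
# Added example (not from the original post): report Defender platform and
# security intelligence state for one host.
function Test-DefenderUpdateState {
    param(
        # Assumption: lowest build of the 4.18.2111.X release named in the post.
        [version]$MinPlatformVersion = '4.18.2111.0',
        # Assumption: "daily" updates means signatures at most one day old.
        [int]$MaxSignatureAgeDays = 1,
        # Live data by default; pass objects in to evaluate exported results.
        $Status     = (Get-MpComputerStatus),
        $Preference = (Get-MpPreference)
    )

    $platform = [version]$Status.AMProductVersion

    [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        PlatformVersion        = $platform
        PlatformHasFix         = $platform -ge $MinPlatformVersion
        SignatureVersion       = $Status.AntivirusSignatureVersion
        SignatureLastUpdated   = $Status.AntivirusSignatureLastUpdated
        SignatureAgeDays       = $Status.AntivirusSignatureAge
        SignatureIsCurrent     = $Status.AntivirusSignatureAge -le $MaxSignatureAgeDays
        # Raw value as stored; empty when the installed platform predates the setting.
        PlatformUpdatesChannel = $Preference.PlatformUpdatesChannel
    }
}

# Constructed sample: a host still on an older platform with stale signatures.
$sampleStatus = [pscustomobject]@{
    AMProductVersion              = '4.18.2110.6'
    AntivirusSignatureVersion     = '1.353.100.0'
    AntivirusSignatureLastUpdated = (Get-Date).AddDays(-9)
    AntivirusSignatureAge         = 9
}
$samplePreference = [pscustomobject]@{ PlatformUpdatesChannel = $null }

# Evaluates the constructed data; PlatformHasFix and SignatureIsCurrent are both False.
Test-DefenderUpdateState -Status $sampleStatus -Preference $samplePreference

# On a real server, call it with no arguments to query the local Defender state:
# Test-DefenderUpdateState
```

Hosts that report SignatureIsCurrent as False while PlatformHasFix is True point to a cause other than the Windows Update setting described above.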