Microsoft
Thanks for your reply.
Yes so the servers I'm working on already have Defender on as standard with 2016. EDR is set to replace ESET therefore, I've run the installation script with parameters to onboard the device and set it to passive at the same time. This all works fine.
However, when I look at updates that have been installed on this device, I have the latest Servicing Stack and Cumuliative Update. Then update for Defender Antivirus antimalware platform (KB4052623). No where is the update for KB5005292, if I find the update in Wsus by manually searching for it, I have approved and targeted it towards this device but still nothing.
The server itself, if I go to ProgramData\Windows Defender Advanced Threat Protection\platform I can see a folder with the version 10.8046.22439.1040. This tells me it's picked up the update but I can't confirm that anywhere. Is it possible it's hidden? If so, how can I check it's been installed?
I've around 400 servers to perform this process on so my concern is this will cause me some headaches.
Worth mentioning aswell, in ATP Admin Centre it reporter this server needing an EDR Sensor update, presumably as this KB wasn't applied. 2 days later that notification has gone, it must have updated but again how can I confirm this.
Thanks in advance
