Forum Discussion
Defender AV Security Intelligence and Product Updates for Azure Virtual Desktops
I have persistent AVDs with Defender AV running in passive mode. I need to know what's the default method for Defender AV to receive Security Intelligence Updates and Product updates on these AVDs. Does it automatically reach out to the windows update servers to get updates, or do I need to configure something to setup these updates?
This article has me confused, Configure Microsoft Defender Antivirus on a remote desktop or virtual desktop infrastructure environment | Microsoft Learn
Do I need to follow the step mentioned in this article or it is not required to get the updates?
- virtualmancIron Contributor
Hi, that article only really applies to non-persistent environments when you want to offload the downloading of Defender Updates to a dedicated VM.
If you are running Persistent VMs and are running Defender in passivated mode then your VMs will still reach out and download security updates. You can see how this process works here - https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide and here https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus?view=o365-worldwide - expertopinionsa12Copper Contributor
Hi Basra,
I’m sure the article you linked to is a bit outdated, and the default behavior of Defender AV has changed since then. Defender AV will automatically receive security intelligence updates even if it is running in passive mode.
Product updates, on the other hand, are not automatically installed by default. You will need to configure Defender AV to receive product updates by following the steps in the article you linked to. Once you have configured Defender AV to receive product updates, it will automatically download and install the latest updates when they are available. However, if you are not comfortable configuring Defender AV yourself, you can always reach out to your security agency for help. They will be able to help you configure Defender AV and ensure that your AVDs are properly protected.
I hope this helps!