Forum Discussion
MDE Updates on Co-Managed Devices
You don't need to move the Windows Update workload to Intune to manage Defender updates using Intune. Just create\enable the Defender AV updates using Intune. You can use the built-in Defender Update Controls profile under endpoint security.
- drivesafely, Nov 11, 2024, Iron Contributor
Thank you for the response.
Since no update profile is configured in Intune, could you confirm the current source of updates for the devices? Should they be receiving Defender updates through SCCM?
Additionally, could you provide further guidance on configuring Defender update controls within Intune? Is it the settings under the AV policy?
- rahuljindal, Nov 11, 2024, Bronze Contributor
Not if you are managing Defender policies using Intune. If you have done onboarding using EDR then I am taking it that you moved the endpoint security workload to Intune already. As for the update process itself, here is something you can use as a starting point. https://learn.microsoft.com/en-us/defender-endpoint/manage-gradual-rollout
- drivesafely, Nov 11, 2024, Iron Contributor
Yes, we have successfully onboarded our devices using EDR and moved the Endpoint Security workload to Intune as part of the pilot phase.
Could you advise on how we can verify the source of Defender updates on these devices? Are there specific registry locations or PowerShell commands that would allow us to check where the Defender updates are being received from?
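
The following is an added example, not part of any post in this thread: a read-only PowerShell check of where a device is configured to get Defender updates and which source recent updates actually came from. It uses the built-in `Get-MpPreference`, `Get-MpComputerStatus` and `Get-WinEvent` cmdlets. The two registry paths and the English "Update Source:" text in event 2000 are assumptions to confirm in your environment.

```powershell
# Added example: read-only checks. Run in an elevated PowerShell session on the endpoint.

# 1. Effective source order and gradual-rollout channels as Defender sees them.
$pref  = Get-MpPreference
$order = if ($pref.SignatureFallbackOrder) {
    $pref.SignatureFallbackOrder.Trim('{', '}') -split '\|'
} else { @() }
[pscustomobject]@{
    FallbackOrder     = $order -join ' -> '
    FileShareSources  = $pref.SignatureDefinitionUpdateFileSharesSources
    PlatformChannel   = $pref.PlatformUpdatesChannel
    EngineChannel     = $pref.EngineUpdatesChannel
    DefinitionChannel = $pref.DefinitionUpdatesChannel
} | Format-List

# 2. Which management channel wrote policy (paths are assumptions, see lead-in).
$policyKeys = [ordered]@{
    'Group Policy' = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates'
    'MDM (Intune)' = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager'
}
foreach ($name in $policyKeys.Keys) {
    $path = $policyKeys[$name]
    if (Test-Path $path) {
        "--- $name policy values at $path"
        Get-ItemProperty -Path $path | Select-Object * -ExcludeProperty PS* | Format-List
    } else {
        "--- $name: no policy key present"
    }
}

# 3. Installed platform, engine and security intelligence versions.
Get-MpComputerStatus | Select-Object AMProductVersion, AMEngineVersion,
    AntivirusSignatureVersion, AntivirusSignatureLastUpdated | Format-List

# 4. Source reported by recent successful updates (event ID 2000).
$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'; Id = 2000
} -MaxEvents 20 -ErrorAction SilentlyContinue
$events | ForEach-Object {
    # Assumes an English-language message containing "Update Source: <name>".
    $src = if ($_.Message -match 'Update Source:\s*(.+)') { $Matches[1].Trim() } else { 'unknown' }
    [pscustomobject]@{ Time = $_.TimeCreated; UpdateSource = $src }
} | Group-Object UpdateSource | Select-Object Count, Name | Format-Table -AutoSize
```

An empty fallback order with no policy keys present means no source order has been set by policy on that device.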