Forum Discussion
Microsoft Defender for Endpoint definition out of dated
Hi all, Some devices that connected to internet can't get update AV signature, I trying to forced security intelligence from GPO but can't latest definition update. Please advise solution to reso...
Could you give some additional info on the updates sources for security intelligence you setup in the GPO, and also how you manage general OS updates? (Windows Update? SCCM?)
Security intelligence and AV engine will be updated from the source you choose in GPO,
and AV platform updates will be retrieved as an OS update from Windows Update etc.
Security intelligence and AV engine will be updated from the source you choose in GPO,
and AV platform updates will be retrieved as an OS update from Windows Update etc.
Jonhed Thank you Jonh for advise, Please kindly below path of GPO has configured
GPO: Computer Configuration\Policies\Windows Components\Microsoft Defender for Antivirus\Security Intelligence Updates
Please kindly see details as attached pictures. And also advise if missing policy not configure.
Thank you,
- Ok, so you are running the default sources.
Can't remember what those are, so could you run "Get-MpPreference" in powershell and check the value of "SignatureFallbackOrder" is?
Also, what happens if you try to run a manual update from the security center on one of the affected pcs? Do you get some sort of error code?- In powershell "Get-MpPreference" I got "SignatureFallbackOrder" is "MicrosoftUpdateServer | MMPC"
Manual update also got failed Microsoft defender antivirus definition update. And error code is (0x80244018).
Thank you- Could be a network problem then.
Do you have a proxy in your environment
If you do are all the required URLs allowed, and have you setup defender to use said proxy?
