Sep 28 2022 05:53 AM
Microsoft Defender is not updating. When I click "Check for updates" in the window "Windows Security / Virus & threat protection" under "Virus & threat protection updates", Defender searches for updates forever but also immediately shows me the message "Security intelligence is up to date.". Problem is that's not true an this message appears even if my definitions ar weeks old.
I ran
MpCmdRun.exe -ValidateMapsConnection
as documented on https://learn.microsoft.com/de-de/microsoft-365/security/defender-endpoint/command-line-arguments-mi...
ValidateMapsConnection failed to establish a connection to MAPS (hr=80070057 httpcode=451) CmdTool: Failed with hr = 0x80070057. Check C:\Users\<USERNAME>\AppData\Local\Temp\MpCmdRun.log for more information
the logfile looks like this:
MpEnsureProcessMitigationPolicy: hr = 0x1 ValidateMapsConnection ValidateMapsConnection failed to establish a connection to MAPS (hr=80070057 httpcode=451) MpCmdRun.exe: hr = 0x80070057.
I already tried the following steps without success:
I don't have a 3rd party AV.
Any solutions? Is there a way I can do a ping to find out if I can connect to the update-server?
Sep 28 2022 12:32 PM
Sep 30 2022 12:33 AM
Thank you @Heike Ritter, I will verify that an post here again when I know more.
Oct 04 2022 05:56 AM
Oct 04 2022 03:09 PM
Apr 30 2023 06:01 PM - edited Apr 30 2023 06:01 PM
@baumwe
We had a similar issue. This fixed it for us:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-proxy-internet?...
Specifically this bit:
"If you are using static proxy setting on devices that are otherwise completely offline, meaning the operating system is unable to connect for the online certificate revocation list or Windows Update, then it is required to add the additional registry setting SSLOptions with a dword value of 0. Parent registry path location for "SSLOptions" is "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "