Defender Update Controls

Copper Contributor


I need to understand what are the 3 terms in the screenshot? What do I manage when I create Profile for Defender Update Controls and and assign it to an endpoint?


Thanks in advance

Omar Antar



3 Replies
Hi Omar. This refers to different components of Microsoft Defender, and each has it's own update channel. You are just picking where those updates come from.

For example; If you search in Windows for "Window Security" > go to settings > then select "About" you'll see some of the components and their versions.

@2code-monte So as I understand it, this site controls the Windows Security updates .. Like when to download and install the updates.

But yet I do not understand which is responsible of what in the Windows Security. Let us say I set Engine Updates to Monthly and Platform update to half yearly. What impact does this make?

Appreciate your help

@Oadel57 The Engine and platform updates are monthly and the settings only allow settings within that range. From having a quick look at the settings you don't have the option of setting platform updates 6 monthly, and to be honest you do not want to leave any AV component for that long without an update. You want all 3 of these kept as up to date as possible on an ongoing basis. 



In this image the client version is your platform, and the Engine version is the Engine.


You want both of these updated monthly and the settings allow you to tweak how soon the endpoints will update after the update is made available by Microsoft. 

What this allows you to do is have a different policy for critical/sensitive/flakey endpoints that you may want to download updates for after they have been applied to other endpoints on your estate to monitor for any issues. 


Hope this helps.