Signature/Definition update

AzureJP 21 Reputation points
2021-02-24T08:47:59.483+00:00

I have Microsoft Defender Antivirus on my Windows Server 2016 and 2019 VMs. Do the signatures or definitions get updated only as part of Windows Update, or is there a separate mechanism updating and how frequently does this 'look' for an update?

What if this VM was also onboarded to Windows Defender in Security Center. Do the updates then get managed by ASC?

They are also onboarded to the new Microsoft Defender Security Center. Is that going to manage any updates?

Do I even need the local feature to be installed if they are protected by Azure Defender in ASC?

Lots of questions, but ones I can't seem to find a straight answer to. Appreciate any advice.

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,451 questions
Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,369 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,192 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. VipulSparsh-MSFT 16,231 Reputation points Microsoft Employee
    2021-02-24T13:42:02.743+00:00

    @AzureJP Microsoft Defender Antivirus needs monthly updates which also know as platform updates.

    You will have to use any of the distributions method of updates that you use already (Any one) :

    1) Windows Server Update Service (WSUS)
    2) Microsoft Endpoint Configuration Manager
    3) The usual method you use to deploy Microsoft and Windows updates to endpoints in your network.

    You can choose Microsoft endpoint manager (Intune) to push these updates :
    You can choose Group policy

    Read more options here and here

    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.

  2. Teemo Tang 11,336 Reputation points
    2021-02-25T02:26:43.723+00:00

    Microsoft Defender Antivirus get updates automatically as part of Windows Update.
    Also, you could Manually download the update.
    https://www.microsoft.com/en-us/wdsi/defenderupdates

    In this Microsoft document, we can learn how to Manage the sources for Microsoft Defender Antivirus protection updates
    https://learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus

    -------------------------------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  3. AzureJP 21 Reputation points
    2021-02-25T14:46:04.617+00:00

    I think I understand. To clarify...

    Even when my Windows Server is being managed by Azure Defender (ASC Standard), and also onboarded into Microsoft Defender Security Center as an MDE, virus definitions are only delivered by "Windows Update" either online or from a WSUS just like any other Windows update?

    Is this accurate?