Dear Team,
We need to update Defender but its currently disabled via GPO and we have SCCM for patch update management.
As per the security we are advices to do the update.
Please help, do i need to enable defender first in order to update.
and also how to update defender via SCCM.
Thank you
Vikram
The managing update in SCCM for Microsoft Defender is similar to updating other products, you may take a look at:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus
https://docs.microsoft.com/en-us/mem/configmgr/sum/understand/software-updates-introduction
Hi Reza,
Thank you for the details,
Actually, in our environment Microsoft defender is disabled via GPO, can I still push version and signature updates via SCCM to clients even if its disabled.
Regards,
Vikram Doss
Hi there,
It is not necessary that you need to update the defender in order to update it.
Also to update defender via SCCM you can use any of several available methods to keep antimalware definitions up to date on client computers in your hierarchy.
To update antimalware definitions, you can use one or more of the following methods:
-Updates distributed from Configuration Manager
-Updates distributed from Windows Server Update Services (WSUS)
-Updates distributed from Microsoft Update
-Updates distributed from Microsoft Malware Protection Center
-Updates from UNC file shares
Configure definition updates for Endpoint Protection https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/endpoint-definition-updates
Use WSUS to deploy definition updates to computers that are running Windows Defender https://docs.microsoft.com/en-us/troubleshoot/mem/configmgr/deploy-definition-updates-using-wsus
--If the reply is helpful, please Upvote and Accept it as an answer–
Hello Vikram Doss,
Thanks for your effort and time to feedback on this forum. In order to help us research further, please help to describe in detail what the following means.
As far as I know, we did could apply the devices and get the Microsoft Defender Antivirus Updates through group policies.Actually, in our environment Microsoft defender is disabled via GPO
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
15 people are following this question.
