Initial hours of newly installed Windows OS deployments can suffer with Microsoft Defender protection gap, as the installation OS images may contain outdated Anti-Malware Software binaries. These devices will remain under protected until the first Anti-Malware software update finishes. To solve this issue, Microsoft has released a special script that updates Defender in offline installation images to the latest version.
Windows Defender is the default antivirus app shipped with Windows 10. Earlier versions of Windows like Windows 8.1, Windows 8, Windows 7 and Vista also had it but it was less efficient previously as it only scanned spyware and adware. In Windows 8 and Windows 10, Defender is based on the Microsoft Security Essentials app which offers better protection by adding full blown protection against all kinds of malware. Microsoft is renaming the app Microsoft Defender.
Recent Windows 10 version come with is a new app called Windows Security. The application, formerly known as “Windows Defender Dashboard” and “Windows Defender Security Center”, has been created to help the user control his security and privacy settings in a clear and useful way. It includes all the settings related to Windows Defender. The Security Center app is reviewed in the post Windows Defender Security Center in Windows 10 Creators Update.
Defender signature updates are tied to the built-in Windows Update feature. In older Windows 10 releases, when you have it disabled, paused with Focus Assist, or you are on a metered connection, Microsoft Defender couldn’t receive signature updates. In this case, you could use a number of methods to manually update Defender signatures:
- Manually Update Definitions for Windows Defender in Windows 10
- Schedule Defender Signature Updates in Windows 10
The only issue that it is hard to update the signatures and the Defender app inside an installation image. To resolve it, Microsoft has released a special tool: Anti-Malware Update package for Microsoft Defender in the OS installation images (WIM or VHD files).
It includes monthly updates and fixes to the Microsoft Defender antimalware platform and engine that’s used by Microsoft Defender Antivirus in Windows 10. This package also includes the latest security intelligence update that is available up to the date of release.
Download Microsoft Defender update for Windows Operating system installation image
The package is applicable to the following products.
- Windows 10 (Enterprise, Pro, and Home editions)
- Windows Server 2019
- Windows Server 2016
How to apply this update
PS C:> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action AddUpdate – ImagePath <path_to_Os_Image> -Package <path_to_package>
How to remove or roll back this update
PS C:> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action RemoveUpdate – ImagePath <path_to_Os_Image>
How to list details of installed update
PS C:> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action ShowUpdate – ImagePath <path_to_Os_Image>
Refer to the official documentation to learn about the included files and update options.