Windows

Schedule Defender Signature Updates in Windows 10

How to Schedule Signature Updates for Microsoft Defender Antivirus in Windows 10

Microsoft Defender (formerly Windows Defender) Antivirus uses security intelligence definitions to detect threats. Windows 10 automatically downloads the most recent intelligence available through Windows Update. You can also create a custom schedule to get signature updates more frequently, or when Windows Update is paused or disabled.

Windows Defender is the default antivirus app shipped with Windows 10. Earlier versions of Windows like Windows 8.1, Windows 8, Windows 7 and Vista also had it but it was less efficient previously as it only scanned spyware and adware. In Windows 8 and Windows 10, Defender is based on the Microsoft Security Essentials app which offers better protection by adding full blown protection against all kinds of malware. Microsoft is renaming the app Microsoft Defender.

Microsoft Defender ATP Banner

Recent Windows 10 version come with is a new app called Windows Security. The application, formerly known as “Windows Defender Dashboard” and “Windows Defender Security Center”, has been created to help the user control his security and privacy settings in a clear and useful way. It includes all the settings related to Windows Defender. The Security Center app is reviewed in the post Windows Defender Security Center in Windows 10 Creators Update.

Note: Windows 10 allows to only temporary disable Windows Defender with a special option in Windows Security. After some period of time, it will be re-enabled automatically. If you need to disable it permanently, see Disable Windows Defender in Windows 10.

Defender Signature Updates

Microsoft continually updates security intelligence in antimalware products to cover the latest threats and to constantly tweak detection logic, enhancing the ability of Windows Defender Antivirus and other Microsoft antimalware solutions to accurately identify threats. This security intelligence works directly with cloud-based protection to deliver fast and powerful AI-enhanced, next-generation protection.

Defender signature updates are tied to the built-in Windows Update feature. When you have it disabled, paused with Focus Assist, or you are on a metered connection, Microsoft Defender won’t receive signature updates, too. In this case, you can create a custom schedule for it, making its updates independent from Windows Update.

In a previous article we have already reviewed a number of methods you can use to manually update Defender signatures.

Manually Update Definitions for Windows Defender in Windows 10

One of them is suitable for creating a scheduled task in Windows 10. In short, from the article above you can learn that you can trigger the update from the command prompt. This is possible with the console MpCmdRun.exe utility which is part of Microsoft Defender and used mostly for scheduled scanning tasks by IT administrators. The MpCmdRun.exe tool has a number of command line switches which can be viewed by running MpCmdRun.exe with “/?”. We need two of them,

  • Clear the downloaded signature cache: "%ProgramFiles%Windows DefenderMpCmdRun.exe" -removedefinitions -dynamicsignatures.
  • Update definitions: "%ProgramFiles%Windows DefenderMpCmdRun.exe" -SignatureUpdate.

To Schedule Defender Signature Updates in Windows 10,

  1. Open Administrative tools and click on the Task Scheduler icon.
  2. In the left pane, click the item “Task Scheduler Library”:Windows 10 Task Scheduler Library
  3. In the right pane, click on the link “Create task”:Windows 10 Create Task link
  4. A new window titled “Create Task” will be opened. On the “General” tab, specify the name of the task. Pick an easily recognizable name like “Update Defender Signatures”.Create Defender Task 1
  5. Tick the checkbox named “Run with highest privileges”.
  6. Enable the option “Run whether user is logged on or not”.Create Defender Task 2
  7. Switch to the “Actions” tab. There, click the “New…” button:
    Windows 10 Create Task window Actions tabWindows 10 Create Task window Actions tab new button
  8. The “New Action” window will be opened. There, you need to specify the following data.
    Action: Start a program
    Program/script: "%ProgramFiles%Windows DefenderMpCmdRun.exe"
    Add arguments(optional): -removedefinitions -dynamicsignatures.Create Defender Task 4
  9. Click on the New button again, and create the following new action:
    Action: Start a program
    Program/script: "%ProgramFiles%Windows DefenderMpCmdRun.exe"
    Add arguments(optional): -SignatureUpdate.Create Defender Task 5
  10. Go to the Triggers tab in your task. There, click on the New button.New Trigger Button
  11. Under Begin the task, select On a schedule in the drop down list.
  12. Specify the desired time frame, e.g. daily, and click on the OK button.Create Defender Task 3
  13. Switch to the “Conditions” tab:
    Windows 10 Create Task window Conditions tab
  14. Untick these options:
    – Stop if the computer switches to battery power
    – Start the task only if the computer is on AC power
    See the following screenshot:
    Windows 10 Create Task window Conditions unticked
  15. Switch to the Settings tab.
  16. Turn on (check) the following options:
    • Allow task to be run on demand (should be already enabled by default).
    • Run task as soon as possible after a scheduled start missed.Create Defender Task 6
  17. Click OK to create your task and type your administrative login and password when prompted.Create Task Password Prompt

Note: Your administrative account should be password protected. By default, unprotected user accounts cannot be used with scheduled tasks.

That’s it.