How to Schedule Signature Updates for Microsoft Defender Antivirus in Windows 10
Microsoft Defender (formerly Windows Defender) Antivirus uses security intelligence definitions to detect threats. Windows 10 automatically downloads the most recent intelligence available through Windows Update. You can also create a custom schedule to get signature updates more frequently, or when Windows Update is paused or disabled.
Windows Defender is the default antivirus app shipped with Windows 10. Earlier versions of Windows like Windows 8.1, Windows 8, Windows 7 and Vista also had it but it was less efficient previously as it only scanned spyware and adware. In Windows 8 and Windows 10, Defender is based on the Microsoft Security Essentials app which offers better protection by adding full blown protection against all kinds of malware. Microsoft is renaming the app Microsoft Defender.
Recent Windows 10 version come with is a new app called Windows Security. The application, formerly known as “Windows Defender Dashboard” and “Windows Defender Security Center”, has been created to help the user control his security and privacy settings in a clear and useful way. It includes all the settings related to Windows Defender. The Security Center app is reviewed in the post Windows Defender Security Center in Windows 10 Creators Update.
Note: Windows 10 allows to only temporary disable Windows Defender with a special option in Windows Security. After some period of time, it will be re-enabled automatically. If you need to disable it permanently, see Disable Windows Defender in Windows 10.
Defender Signature Updates
Microsoft continually updates security intelligence in antimalware products to cover the latest threats and to constantly tweak detection logic, enhancing the ability of Windows Defender Antivirus and other Microsoft antimalware solutions to accurately identify threats. This security intelligence works directly with cloud-based protection to deliver fast and powerful AI-enhanced, next-generation protection.
Defender signature updates are tied to the built-in Windows Update feature. When you have it disabled, paused with Focus Assist, or you are on a metered connection, Microsoft Defender won’t receive signature updates, too. In this case, you can create a custom schedule for it, making its updates independent from Windows Update.
In a previous article we have already reviewed a number of methods you can use to manually update Defender signatures.
One of them is suitable for creating a scheduled task in Windows 10. In short, from the article above you can learn that you can trigger the update from the command prompt. This is possible with the console
MpCmdRun.exe utility which is part of Microsoft Defender and used mostly for scheduled scanning tasks by IT administrators. The
MpCmdRun.exe tool has a number of command line switches which can be viewed by running MpCmdRun.exe with “/?”. We need two of them,
- Clear the downloaded signature cache:
"%ProgramFiles%Windows DefenderMpCmdRun.exe" -removedefinitions -dynamicsignatures.
- Update definitions:
"%ProgramFiles%Windows DefenderMpCmdRun.exe" -SignatureUpdate.
To Schedule Defender Signature Updates in Windows 10,
- Open Administrative tools and click on the Task Scheduler icon.
- In the left pane, click the item “Task Scheduler Library”:
- In the right pane, click on the link “Create task”:
- A new window titled “Create Task” will be opened. On the “General” tab, specify the name of the task. Pick an easily recognizable name like “Update Defender Signatures”.
- Tick the checkbox named “Run with highest privileges”.
- Enable the option “Run whether user is logged on or not”.
- Switch to the “Actions” tab. There, click the “New…” button:
- The “New Action” window will be opened. There, you need to specify the following data.
Start a program
- Click on the New button again, and create the following new action:
Start a program
- Go to the Triggers tab in your task. There, click on the New button.
- Under Begin the task, select On a schedule in the drop down list.
- Specify the desired time frame, e.g. daily, and click on the OK button.
- Switch to the “Conditions” tab:
- Untick these options:
– Stop if the computer switches to battery power
– Start the task only if the computer is on AC power
See the following screenshot:
- Switch to the Settings tab.
- Turn on (check) the following options:
- Allow task to be run on demand (should be already enabled by default).
- Run task as soon as possible after a scheduled start missed.
- Click OK to create your task and type your administrative login and password when prompted.
Note: Your administrative account should be password protected. By default, unprotected user accounts cannot be used with scheduled tasks.