SCCM Monthly antimalware platform updates for Windows Defender

  • Thread starter Yvette O'Meally
  • Start date
Y

Yvette O'Meally

Guest
#1
Beginning with December 2017, Microsoft is releasing antimalware platform updates for Windows Defender each month. The platform updates will be published as follows: category: Definition Updates, product: Windows Defender. If you use a Configuration Manager automatic deployment rule (ADR) to approve and deploy definition updates for Windows Defender, that same ADR will now pick up these monthly platform updates. The platform updates are applicable to Windows Defender running on Windows 10 (version 1607 and later) and Windows Server 2016.

The title of the platform updates will be in the form: Update for Windows Defender antimalware platform – KB 4052623 (Version X.X.X.X). For example, Update for Windows Defender antimalware platform – KB4052623 (4.12.17007.17123). Initially, for a given month, the platform update is released gradually. For this reason, you may see low or no required and installed counts in your Configuration Manager console. And there may be more than one version of a platform update released in each month as part of the gradual deployment process. Once the platform update is released broadly, more clients will find the final version of the update as applicable and install.

Frequently Asked Questions

What makes up the platform for Windows Defender and why does it need to be updated monthly?


The platform is often referred to as the “antimalware client”. It is composed of the services, drivers, user interface, and management providers needed to provide protection functionality. In the ever-changing landscape of antimalware and spyware, it is necessary to regularly update components that make up the platform for the highest level of protection.

I keep up-to-date with engine and definition updates. Isn’t that enough to protect my endpoints?


While keeping up-to-date with signatures and engines is a best practice, a machine that is up-to-date with both definition/engine and platform updates can have a higher protection level than a machine that is just update-to-date with definition/engine updates.

Are these platform updates also included in the monthly quality updates for Windows 10?


No. The platform updates are released out of band of the monthly quality updates for Windows 10. New feature updates for Windows 10 will include the latest platform version for Windows Defender at that time but then must be updated monthly via the platform updates.

Continue reading...
 
Top