Definition Updates for Endpoint Protection on Windows 10

If you’re using System Center Endpoint Protection in your environment and start rolling out Windows 10 clients you might want to verify that they’re receiving definition updates. In the past for WSUS/SCCM to synchronize definition updates you’d simply enable the Forefront Endpoint Protection 2010 product to synchronize under the software update point component properties.

With Windows 10 this changes for the managed defender client via Configuration Manager. To synchronize the updates you’ll have to update the software update point component configuration to include the product Windows Defender. For Operating Systems prior to Windows 10 you’ll continue to receive definition updates when synchronizing the Forefront Endpoint Protection 2010 product via WSUS/SCCM.

To update your site complete the following:

  1. Launch the Configuration Manager Console
  2. Navigate to Administration > Overview > Site Configuration > Sites
  3. After selecting the site that requires updating, from the ribbon select Configure Site Components > Software Update Point
    1. Alternatively right click the site name, select Configure Site Components > Software Update Point
  4. Select the Products tab from the Software Update Point Component Properties window, scroll to the windows selection and check to enable the Windows Defender product from the list

windowsdefenderSoftware Update Point Component Properties Sync Settings Classifications Products Sync Schedula Supersedence Rules Languages 8 Embedded 8 Language Interface Packs 8 Language Packs Windows 8 8 1 and later drivers 1 Drivarz 8 1 Dynamic Update 8 1 Language Interface Packs 8 1 Language Packs @Windows Defender Dictionary Updates Embedded Standard 7 GDR-Dynamic Update Intamat aplorer 7 Dynamic Installer Intamat aplorar 8 Dynamic Installer Media Dynamic Installer Windows Graphics Driver Dynamic update EWndows RT 8 1 RT 8 1 and later drivers RT 8 1 Drivers RT Drivarz Windows Server 2003 Server 2003. Datacenter Edition Windows Server 2008 Bopb'

  1. Select OK to close the Software Update Point Component Properties window

After the above has been completed either wait for the software update point synchronization to complete via schedule or manually for a synchronization be completing the following:

  1. Launch the Configuration Manager Console
  2. Navigate to Software Library > Overview > Software Updates > All Software Updates
  3. Select Synchronize Software Updates from the top ribbon
    1. Alternatively you can complete the same via PowerShell by executing the command below
      Sync-CMSoftwareUpdate -FullSync $True

After the Synchronization has completed you should be able to search for System Center Endpoint Protection 2012 Client updates and see the available definition updates:

System Center Endpoint Protection 2012ΑΙ Ι • 4 items shown Center E r t protettio•n 2012 fO' System Er.dpoint 2012 Client - 199963) 2012 Cl&t 2012 Clie“t - (02952678) - 4.7.209.0

The final step is to update your Automatic Deployment Rule (ADR) that’s being used to populate your software update group(s) for Endpoint Protection Definition Updates. Simply add the Windows Defender product to the search criteria for the ADR, run to re-evaluate, and the updates will be available to the managed endpoints.

Nate Adams

Systems Architect

Leave a Reply

Your email address will not be published. Required fields are marked *