Microsoft has recently introduced an offline software update package for Microsoft Defender, targeting Windows Server 2016, Windows Server 2019, Windows 10, and Windows 11. The update is designed to help enterprises enable antivirus protection immediately after system installation.
The need for this update package arises from the potential risks associated with new Windows installations. Newly installed systems may take several hours to automatically update Microsoft Defender to the latest version and obtain the most recent virus definition files. The outdated virus database built into the system can expose it to potential threats.
The offline software update package automatically updates both the Microsoft Defender software itself and its virus definition files, providing enhanced protection against a wider range of malware.
Microsoft advises enterprises to maintain their Windows installation images regularly and update Microsoft Defender’s binary files to minimize the gap in virus database versions for new installations. It is recommended that these updates occur at least once every three months.
The offline software update package details are as follows:
- Microsoft Defender Package Version: 20230330.2 (last update date)
- Microsoft Defender Version: 4.18.2302.7
- Microsoft Defender Engine Version: 1.1.20100.6
- Microsoft Defender Security Intelligence Version: 1.385.1537.0
- ARM64: 58MB
- x64: 111MB
- x86: 102MB
IT administrators can use the included PowerShell script to integrate the update package into WIM and VHDX disk images. The specific methods for installation, removal, or rollback of updates, and listing installed updates can be found at the following link: https://support.microsoft.com/en-us/topic/microsoft-defender-update-for-windows-operating-system-installation-images-1c89630b-61ff-00a1-04e2-2d1f3865450d