Share via

Windows defender for Antivirus and Endpoint updates

Nithyanandham Singaravadivelu 1 Reputation point
2024-08-14T16:28:02.1333333+00:00

Hi All,

We are planning to deploy defender for endpoint for our premises, the patch management solution which we are using is Ivanti to deploy the patches to windows 10 and 11 client machines.

I read from the MS article that below are the patches responsible for MDE updates in windows 10 and 11 machines KB4052623 - Platform Updates KB2267602 - SIU and AV engine updates

Microsoft has provided the following update locations for signature update fallback order, I understand that we can define this update location in our Intune policy or GPO for the windows client machines to take the defender updates, but how these update locations are applicable for the environment who were using the third party solutions such as Ivanti to apply windows patches for windows 10 and windows 11 computers ?

what is the recommended approach to perform the platform updates, AV engine update and SIU for the environments who were using the third party patching solutions ?

Can we directly push these updates from third party patching solutions to the windows 10 and 11 devices ? OR the windows defender updates for Windows 10 and windows 11 machines should only be updated from either one of the update locations ?

KB4052623 - Platform Updates

KB2267602 - SIU and AV engine

Updates Update locations :

Windows Server Update Service

Microsoft Update

File share

Microsoft Configuration Manager

Security intelligence updates and platform updates for Microsoft Defender Antivirus and other Microsoft anti-malware (formerly referred to as MMPC)

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,905 questions
Microsoft Configuration Manager Updates
Microsoft Configuration Manager Updates
Microsoft Configuration Manager: An integrated solution for for managing large groups of personal computers and servers.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
1,043 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
417 questions
Microsoft Intune Updates
Microsoft Intune Updates
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
102 questions
0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. K-Mohammed 235 Reputation points Microsoft Employee
    2024-09-13T11:06:45.35+00:00

    Hi, thanks for reaching out!

    The updates you’re referring to can be installed either through Group Policy (GPO) or Intune. You can follow the steps documented in these articles:

    However, if you’re using a third-party service like Ivanti, we suggest validating with your vendor to ensure it supports integration with WSUS or Microsoft Update to push updates to your Windows devices.

    Hope this helps!

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.