Microsoft Defender fails to update from File Share
Hello! I've tried to configure my Windows system to use Defender Updates through File Share. On my domain controller I've set two GPOs to make it possible. Define file shares for downloading security intelligence updates -> \\fileserver\DefenderUpdates Define the order of sources for downloading security intelligence updates -> FileShares When running the command Get-MpPreference I can see that the GPOs were successful with the following output: SignatureDefinitionUpdateFileSharesSources : \\fileserver\DefenderUpdates SignatureDisableUpdateOnStartupWithoutEngine : False SignatureFallbackOrder : FileShares The file structure on the file share looks like the following: \---DefenderUpdates \---x64 mpam-fe.exe Then I tried to run the command Update-MpSignature and I get the following error message: Update-MpSignature: Virtus and spyware definitions update was complated with errors. At line:1 char:1 + Update-MpSignature + + CategoryInfo : NotSpecified: <MSFT_MpSignature:ROOT\Microsoft\...SFT_MpSignature> [Update-Signature], CimException + FullyQualifiedErrorId : HRESULT 0x8024402c,Update-MpSignature This has worked previously but I don't know what has changed. Does any one have a clue? Best regards, dedicated-worker.
Prohibit standard users from adding exclusions to Windows Defender (Windows Security)
Hello there, How can I prohibit standard users from adding exclusions in Windows Defender? I would like to only control the Defender-exclusions from a central point and the standard users should not be able to add exclusions themselves. I've searched through GPO's and settings in Intune but can't seem to find the correct setting. Does anyone know if this is possible? If it is, where is the setting then? Windows 10 Enterprise, 1903 and 2004. Devices are Hybrid Azure AD JoinedWhy is MsMpEng.exe still scanning excluded directories
THe MsMpEng.exe process is very active in our environment. Checking with Process Monitor filtered on MsMpEng.exe i can see it is very busy scanning my ISO directory, but i have excluded that directory in real-time scanning in Defender long ago. Why is it still scanning that directory, and i see many others i excluded it is also scanning? Will Azure Intune rules overwrite local configurations? if so wouldn't it gray them out? I am able to set exclusions.
feature request: Windows Defender Antivirus - add "scan running processes"
feature request: Windows Defender Antivirus - add "scan running processes" scan for dead/multiple or dangerous processes or clean memory... most virus scanners only check files on drive, not running processes within memory.. and maybe add a rule to block a dangerous process.. AndréWindows Defender AV remote management
Hi, We are running an environment with remote users mostly with Windows 8.1 devices, but in a near future will rollout Windows 10. We have a EMS license, so are allowed to use Intune. At this moment we run Bitdefender AV on all laptops. But we are looking at Window Defender AV, cause it is already part of Windows 10. I setup an Intune policy to set some setting for Defender, that runs fine. But how do I manage Defender remote? For example, from the Bitdefender portal I`m able to force a product or signature update. Is this possible for Defender from a portal (Intune)? Thanks
