How To Update Microsoft Security Essentials In Windows Server 2012 R2

Recently I covered how to install Microsoft Security Essentials in Windows Server 2012 R2, however after performing a Windows update it failed to install with error 0x8004FF04.

Here I will discuss why this happens and then cover how to resolve this problem and update Microsoft Security Essentials manually.

From my experience definition updates have still been working fine through Windows update, so far I have only had a problem with this update, which is an update specifically for a newer version of the antimalware client itself.

A note to Windows 8, 8.1 or 10 users receiving this error for a Microsoft Security Essentials update: The built-in Windows Defender replaces Microsoft Security Essentials, if you have previously installed Microsoft Security Essentials but updated your operating system version it may no longer be supported and it should be safe to uninstall as Defender has taken over. This post is aimed toward those that have knowingly installed Microsoft Security Essentials on an unsupported operating system such as Windows Server 2012 R2 and want to update it.

Updating Microsoft Security Essentials

In this example I first downloaded and installed the latest version of Microsoft Security Essentials from Microsoft by following these steps. This installed version 4.8 of Microsoft Security Essentials.

After running Windows update it found KB3140527 which came out 23/02/2016 and was an update for Microsoft Security Essentials, version to be exact as shown below. This means that when I did this, the download through the website was not the most up to date version.

Microsoft Security Essentials Windows Update

Take note that this particular update is 8.5MB in size, this will be important later on.

The problem begins when trying to install this update, as shown the update fails and results in error code 8004FF04, simply meaning that the update does not support this version of the operating system.

Microsoft Security Essentials Failed Windows Update Error Code 8004FF04

This makes sense as technically Microsoft Security Essentials does not support Windows Server 2012 R2, we installed it with some slight customizations which we need to do again during the update.

If you had a look through my Microsoft Security Essentials installation guide, you may have noticed that error 8004FF04 came up there as well. Essentially the update is failing to install because it is not being run in compatibility mode for Windows 7, or with the /disableoslimit flag via Windows update causing it to fail.

In order to install the update, we need to run it manually with these customizations in place.

Windows update stores its downloaded update files in the C:\Windows\SoftwareDistribution\Download folder with different hashes for the file names. As the particular update that is failing to install in this case is 8.5MB in size, we simply look for a file within this folder that is also 8.5MB in size – in this case the file that is selected shown below.

Windows Update Download Folder

For this example, I copied this file over to my desktop to perform the required changes rather than modifying the original, I then renamed it to ‘update.exe’ however the file name isn’t particularly important here.

Next right click the file and select properties. From the properties window select the Compatibility tab. Under Compatibility mode, tick the “Run this program in compatibility mode for:” box and then select Windows 7 from the drop down menu, then click OK.

Microsoft Security Essentials Compatibility Mode

Now open command prompt as administrator and execute the file with the /disableoslimit flag on the end as shown below.

Command Prompt Update Microsoft Security Essentials

Assuming you selected the correct file from the Windows update folder, you should be greeted with the Microsoft Security Essentials upgrade wizard as shown below, simply click the Upgrade button to proceed.

Microsoft Security Essentials Upgrade Wizard

Once the upgrade has completed, click the finish button to complete the process.

Microsoft Security Essentials Update Wizard Complete

From here you can now open up Microsoft Security Essentials, select the Help drop down and then click About and you should see that the Client Version has been successfully updated to the version noted through Windows Update.

View Microsoft Security Essentials Version

Microsoft Security Essentials Version Number

This confirms that Microsoft Security Essentials has successfully been updated to the version that Windows update was failing to install. At this point we can go back to Windows update and run a check for updates, which should now no longer list the update as available, as it is now installed.

No Windows Updates Available For Microsoft Security Essentials


As Microsoft Security Essentials is not officially supported in Windows Server 2012 R2, we should expect strange and unexpected behaviour such as Windows updates failing to update it.

By applying similar changes that were done when we installed it, including setting the compatibility mode to Windows 7 and running the executable with the /disableoslimit flag, we can successfully update Microsoft Security Essentials when newer updates become available through Windows update that are not yet available for download through the Windows website.

Leave a comment ?


  1. Thank you. Your directions work. One questions – how did you figure out what the file name to change in the C:-Windows-SoftwareDistribution-Download location ?

    • I did not know the name, I worked it out based on the file size of the update. If you look at the update size available in Windows update you can find an update the same size from that folder.

  2. Thank you for this great explanation.
    It works :-)

  3. Garth Henderson

    Many thanks for this info. Developers need to use this workaround on our MSDN servers.

  4. Thank you for the info. It worked like a charm!

  5. Works great. Thank you.

  6. Perfect! What a fantastic explanation – I would never of got there without this article. Kudos.

  7. Awesome. Thanks for the help, issue has been resolved which I had since februari this year. :-)

  8. Brilliant!

  9. Thanks Jarrod, very useful.

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>