It’s important for Windows Defender to stay up to date so that new known variants of malware can be detected. This can be achieved if we integrate Windows Defender with WSUS and Windows update, which we’ll show you how to do here in Windows Server 2016.
This post is part of our Microsoft 70-744 Securing Windows Server 2016 exam study guide series. For more related posts and information check out our full 70-744 study guide.
Updating Windows Defender
By default Windows Defender will update automatically. We can open the Windows Defender graphical user interface (GUI) and select the update tab, as shown below.
This window will show the virus and spyware definition versions, as well as when they were last updated. We can optionally click the “Update Definitions” button towards the right to manually initiate an update. Note that this does require the Windows update service to be running to work.
Windows Defender with WSUS
If our system is configured to receive Windows updates through a Windows Server Update Services (WSUS) server, we can configure WSUS to actually download and approve these updates for Windows Defender. When the system performs a Windows update through WSUS, the definition updates will also be updated.
In the WSUS console if we select Options > Products and Classifications, followed by the Classifications tab, we can see that Definition Updates is selected by default. This means that by Default WSUS should download definition updates for Windows Defender.
If we look at the automatic approvals under Options > Automatic Approvals however, only critical and security updates are automatically approved by default.
We can of course modify this to allow definition updates to automatically approve if we want, meaning that our servers using the WSUS server will download them when available without manual approval.
Refer to our guide if you need further information regarding configuring automatic updates with WSUS.
We have illustrated the importance of keeping Windows Defender up to date, this is done when we integrate Windows Defender with WSUS and Windows Update.