Microsoft has launched a new Microsoft Defender Tool that will help users to update the Anti-malware software binaries present in the Windows 10 OS installation images.
In other words, you can choose to download an Anti-Malware Update package for OS installation images (WIM or VHD files) before any fresh Windows OS deployment.
This feature supports following OS installation images:
- Windows 10 (Enterprise, Pro, and Home editions)
- Windows Server 2019
- Windows Server 2016
Initial hours of newly installed Windows OS deployments can suffer with Microsoft Defender protection gap, as the installation OS images may contain outdated Anti-Malware Software binaries. These devices will remain under protected until the first Anti-Malware software update finishes. Regular servicing of OS installation images to update Microsoft Defender binaries minimizes this protection gap in new deployments.Microsoft
The package size (v1.1.2009.10) is approximately 110MB and updates the anti-malware client, anti-malware engine, and signature versions in the OS installation images to following versions:
- Platform version: 4.18.2008.9
- Engine version: 1.1.17400.5
- Signature version: : 1.323.2216.0
How to obtain this update
You have to download different update packages for different Windows Operating System image architectures. Select the architecture that matches your installation image to which you apply this update.
These links point to zip files defender-update-kit-[x86|x64].zip. Extract the .zip file to get the Defender update package (defender-dism-[x86|x64].cab) and an update patching tool (defenderupdatewinimage.ps1) that assists update operation for OS installation images.
Package update tool
To run this patching tool (DefenderUpdateWinImage.ps1), you need a 64-bit Windows 10 or later OS environment with PowerShell 5.1 or later versions. It needs Microsoft.Powershell.Security and DISM modules installed.
And run as Administrator privilege.
- Do not use this package to update live images as it can damage Windows Operating System that Is Running inside the Virtual Machine.
- The mentioned tool (DefenderUpdateWinImage.ps1) provides an option to remove the update. You may still want to keep a backup copy of images before applying update.
How to apply this update
PS C:\> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action AddUpdate – ImagePath <path_to_Os_Image> -Package <path_to_package>
How to remove or roll back this update
PS C:\> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action RemoveUpdate – ImagePath <path_to_Os_Image>
How to list details of installed update
PS C:\> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action ShowUpdate – ImagePath <path_to_Os_Image>