October 25, 2020

Microsoft supports the Windows 10 installation images to update Microsoft Defender

2 min read

By default, Windows 10 systems have installed the Microsoft Defender anti-virus software and will automatically download virus database updates after connecting to the Internet.

Therefore, under normal circumstances, users should not be affected by viruses after completing the installation. After all, as long as they can download the virus database online, they can scan for viruses.

However, this does not seem to be enough for professional and enterprise editions pursuing a high-security environment. For example, a virus attack just after the installation is completed may be extremely harmful.

Because the virus can be temporarily disabled before Microsoft Defender is updated, the virus database cannot be updated after the Internet is connected, and the virus can continue to do whatever it wants.

Microsoft Defender ATP

Microsoft has released technical documents to provide technical guidelines for high-security environments. According to Microsoft’s instructions, users can update the virus database during the Windows 10 installation images.

Supported includes Windows 10 Enterprise Edition, Professional Edition, and Home Edition. At the same time, the Windows Server series of server operating systems are also supported.

Administrators can use PowerShell commands to perform virus database network update and repair on WIM or VHD installation images during image deployment to ensure safety.

Microsoft stated that it will automatically download and install the latest Microsoft Defender virus database when using relevant commands, and will also detect whether the program installation package is damaged.

If it is damaged, the main program will be repaired to ensure that Microsoft Defender can be started as soon as it is turned on and use the virus database to perform security monitoring.

If the system is not connected to the Internet, you can also use the virus database to check and kill the virus in the removable disk. After the network is connected, the anti-virus software will also find the latest virus database update in time.

This package updates the anti-malware client, anti-malware engine, and signature versions in the OS installation images to following versions:

  • Platform version: 4.18.2008.9
  • Engine version: 1.1.17400.5
  • Signature version: : 1.323.2216.0

Microsoft Defender update for Windows Operating system installation image: 32-bit | 64-bit

How to apply this update

PS C:\> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action AddUpdate – ImagePath <path_to_Os_Image> -Package <path_to_package>

How to remove or roll back this update

PS C:\> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action RemoveUpdate – ImagePath <path_to_Os_Image>

How to list details of installed update

PS C:\> DefenderUpdateWinImage.ps1 – WorkingDirectory<path> –Action ShowUpdate – ImagePath <path_to_Os_Image>