Skip to content

Manage Microsoft Defender Antivirus Updates Channels using Microsoft Intune

Introduction to Microsoft Defender Antivirus Updates Channels

Keeping Microsoft Defender Antivirus up-to-date is important to make sure that your devices have the latest technology and features they need to protect themselves from new malware and attack methods. Microsoft recommends, you to update your antivirus protection, even if Microsoft Defender Antivirus is running in passive mode. There are two types of updates that are needed to keep Microsoft Defender Antivirus up to date:

  • Engine Updates – refer to updates to the core scanning engine of the antivirus program. An engine update typically includes improvements to the algorithms and techniques used by the scanning engine to identify and eliminate malware. These updates may also include bug fixes, performance improvements, and other enhancements to the overall functionality of the antivirus program.
  • Security intelligence updates – refer to the regular updates that are released to keep the antivirus program up-to-date with the latest threat intelligence. These updates contain the latest definitions and signatures for known viruses, spyware, and other types of malware.
  • Platform updates – refers to a software update that enhances the overall functionality, performance, and security of the antivirus program. It includes various improvements and fixes to the underlying software platform on which the antivirus runs.

There are multiple update channels so that the different types of updates can be added gradually. The update cadence affects the number of update channels that can be used. The monthly updates offer a lot of ways to get updates, so they can be rolled out slowly to the whole environment. The daily updates provide lesser available update channels. Purely because of the significance of those changes and the speed with which they are delivered.

Lets configure Microsoft Defender Antivirus Updates Channels

You can configure Microsoft Defender Antivirus Updates Channels using Defender Update Control Profile in Microsoft Intune. The settings within that profile rely on the Defender CSP and are now also available via the Settings Catalog

  1. Open Microsoft Intune admin center navigate to Endpoint security > Antivirus
  2. On the Endpoint security | Antivirus blade, click Create policy
  3. On the Create a profile page, provide the following information and click Create

  • Platform: Select Windows 10 and later as value
  • Profile: Select Defender Update controls as value

  1. On the Basics page, provide a unique Name to distinguish the profile from other similar profiles and click Next

On the Configuration settings page, as shown in Figure 1, configure the following settings and click Next

  1. On the Scope tags page, configure the required scope tags click Next
  2. On the Assignments page, configure the assignment to the required users and/or devices and click Next

8. On the Review + create page, verify the configuration and click Create

Lets validate on the client device

Hope this will be informative for you.