Page 1 of 1

[SOLVED] WD definition for W8 or later is not downloaded

PostPosted: 12.07.2017, 10:01
by telnetuserid
On Windows Vista and 7, Windows Defender is only protect against spyware. Complete protection by M$ is provided separately by MSE.

On Windows 8 and later, Windows Defender is a full antivirus and antimalware suite. This version is also called Windows Defender Antivirus.

Apparently, the downloaded Windows Defender definition is small one (mpas-fe.exe), which appears to be the definition update for Windows Vista and 7. The definition update for Windows Defender for W8 and later (mpam-fe.exe) is not downloaded, i.e. not present in the client\wddefs\x64-glb folder. More information can be obtained from the WDSI portal [1].

It would be better to provide definition for Windows Defender Antivirus in addition to legacy Windows Defender when the checkbox "Include Windows Defender definition" is selected.

Legacy Windows Defender and MSE update file name is mpas-fe.exe

Windows Defender Antivirus definition update file name is mpam-fe.exe

[1] https://www.microsoft.com/en-us/wdsi/definitions

Re: WD definition for W8 or later is not downloaded

PostPosted: 12.07.2017, 10:11
by psj
This is already being done.
For Win8+ (w62,w63,w100) MSE definitions are downloaded if Windows Defender is selected.
The Files are stored in client/msse/...

mfg psj

Re: WD definition for W8 or later is not downloaded

PostPosted: 12.07.2017, 10:37
by telnetuserid
In the client\msse folder? Really? I don't see anything there except MSEInstall and nis_full.

I should run updategenerator later, since I got "same day rule" punishment for too many attempts checking for wsusoffline updates.

Re: WD definition for W8 or later is not downloaded

PostPosted: 12.07.2017, 12:16
by boco
That's not a punishment but a protection against MS' wonky servers. If you delete the hashes in .\client\md (or change their timestamp to the past) you're good to go, again.

Re: WD definition for W8 or later is not downloaded

PostPosted: 13.07.2017, 05:33
by telnetuserid
boco wrote:That's not a punishment but a protection against MS' wonky servers. If you delete the hashes in .\client\md (or change their timestamp to the past) you're good to go, again.


After running updategenerator at a later time, the mpam-fex64.exe is available inside ./client/msse/x64-glb/ subdirectory.

I think this case is solved.