Skip installation of Defender updates on Server systems

Skip installation of Defender updates on Server systems

Postby Dalai » 28.02.2019, 18:41

Hi there :).

While installing and updating a Server 2012 R2 at work I saw that WOU installs KB3038936 which is "August 2015 anti-malware update for Windows Defender", and although that's successful, it installs this update over and over again (because it's missing over and over again). This should be avoided because by default there is no Windows Defender on Windows Server (2012 [R2]). Maybe WOU could check for the Windows edition or check for the existence of a service named "WinDefend" something.

I added KB3038936 to the custom exclude list because we don't use Windows Defender on any machines at work.

Regards
Dalai
Dalai
 
Posts: 800
Joined: 12.07.2016, 21:00

Re: Skip installation of Defender updates on Server systems

Postby WSUSUpdateAdmin » 26.03.2019, 15:10

Hi.

I just wonder how to check for defender service depending on the kb-Id...

Cheers,
Torsten
WSUSUpdateAdmin
Administrator
 
Posts: 2183
Joined: 07.07.2009, 14:38

Re: Skip installation of Defender updates on Server systems

Postby Dalai » 26.03.2019, 17:11

The service name is static, it's not changed by an update. Well, until MS renames the service ...

I just checked - the service is called "WinDefend" in Windows 8.1 as well as Win10 1809. There is no such service on Server 2012 R2. So checking with
Code: Select all
sc query WinDefend
if the service exists should be enough.

Regards
Dalai
Dalai
 
Posts: 800
Joined: 12.07.2016, 21:00

Re: Skip installation of Defender updates on Server systems

Postby aker » 27.03.2019, 08:54

Windows Defender is „WinDefend“ on the following systems (I checked):
- w60
- w2k8
- w61
- w2k8r2
- w63
- w100 (all public builds up to 17763)
- w2k16 (14393)
- w2k19 (17763)
Wer Rechtschreibfehler findet, darf sie behalten oder an den Meistbietenden versteigern. / Everybody finding a misspelling is allowed to sell it.
aker
aker
 
Posts: 3196
Joined: 02.03.2011, 15:32
Location: %SystemRoot%\System32\Boot\winload.efi

Re: Skip installation of Defender updates on Server systems

Postby Dalai » 27.03.2019, 17:22

After thinking some more about it, I think I know what you mean: How do you know if a regular KB update is for Windows Defender before installing it? Actually, I have no idea, except compiling a (static) list WOU can compare against. Yes, this would mean maintaining and updating such list every once in a while.

Regards
Dalai
Dalai
 
Posts: 800
Joined: 12.07.2016, 21:00


Return to Anregungen / Suggestions

Who is online

Users browsing this forum: No registered users and 4 guests