Windows Defender not update definition from WSUS RRS feed

  • Question

  • Hi guys,

    I have problem with Windows Defender, i have WSUS server to deploy windows update for clients.

    Clients can get patch (monthly rollup, security patch) update from WSUS, but when i approved the definition update of windows defender for clients, it still check update online from Microsoft, my client is restricted access to the internet

    This is event log :

    Windows Defender has encountered an error trying to update signatures.
      New Signature Version: 
      Previous Signature Version:
      Update Source: Microsoft Malware Protection Center
      Signature Type: Network Inspection System
      Update Type: Full
      User: ************
      Current Engine Version: 
      Previous Engine Version: 2.1.13804.0
      Error code: 0x80072efe
      Error description: The connection with the server was terminated abnormally 

    Why the client cannot get Windows Defender Definition Update from WSUS although it can get security update from WSUS, i have changed GPO setting "Specify intranet update server location" to my WSUS server and already created autoapprove rule.

    Monday, June 26, 2017 6:38 AM

All replies

  • Hi Sir,

    Have you checked this GP setting "Allow definition updates from microsoft update" :


    Also , the setting "define the order of sources for downloading definition updates"

    Best Regards,


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Edited by Elton_Ji Wednesday, June 28, 2017 10:11 AM
    Wednesday, June 28, 2017 10:10 AM