Microsoft Forefront Endpoint Protection virus and spyware definitions failing to update


  • I have 6 Windows 2008R2 servers that will not update virus and spyware definitions this morning. When I open Microsoft Forefront Endpoint Protection and attempt to  update definitions it fails with error code 0x80070490.  The home tap shows Connection failed.  I tried from Windows update and had issues and had to rename the softwaredistribution group folder to get Windows update to run.  I was able to update definitions manually using mpcmdrun.exe -signatureupdate -http.  In checking server log the issue started 2 days ago.

    These servers are VM's that run on Windows 2012R2 Datacenter hosts.  I have 5 Windows 2012R2 servers that are working fine. Microsoft Forefront Endpoint Protection updates definitions and shows no connection issues.  Windows update is working without issue.   Both 2008R2 and 2012R2 servers are on the same version of Forefront Endpoint protection.  That information is:

    Antimalware Client Version:
    Engine Version: 1.1.14306.0
    Antivirus definition: 1.257.1349.0
    Antispyware definition: 1.257.1349.0
    Network Inspection System Engine Version: 2.1.14202.0
    Network Inspection System Definition Version:

    Open for input on resolving this issue

    Robert R. Poor

    Monday, December 4, 2017 5:15 PM

All replies