locked
Microsoft Security Essentials not taking definition updates from WSUS Server. RRS feed

  • Question

  • Hi Experts,

    I have a WSUS server installed on network on which MSE definition updates are installed, but the MSE on the client computer is not getting updates from it.

    When I click the update button it gives me error "Virus and spyware definitions couldn't be updated".

    The error code i am getting is 0x80244018. The definition updates couldn't be installed please try again later.

    I also have TMG on my network as a default gateway, I want to update MSE from WSUS not from microsoft update.

    Do I have to change rules....??? or any suggesstions that how MSE can be automatically updated from WSUS, the WSUS setting is saved into a GROUP Policy and applied....

    Please advice......

    Tuesday, January 13, 2015 7:10 AM

Answers

  • The error code i am getting is 0x80244018.

    This is an HTTP 403 error, which is generally (but not always) indicative of a proxy server interfering with the download. Assuming this is happening when the client is trying to get Definition Updates from Microsoft during the daily scan, this error will likely go away once you properly set up WSUS to provide the definition updates.

    I want to update MSE from WSUS not from microsoft update.

    To do this, you need the following:

    • The Definition Updates classification must be configured for synchronization.
    • An Automatic Approval rule that approves the Definition Updates classification for the appropriate target group(s) must be configured and enabled.
    • The policy setting Allow Automatic Updates immediate installation must be ENABLED.
    • Your WSUS server should be configured to synchronize multiple times per day (at least 2).
    • Your clients should be configured with a shorter Detection Frequency (8 hours is ideal).

    With the above configured, the clients will check the WSUS server 3x-4x per day, find the latest available Definition Update, download it and install it immediately.

    Note, however, that if the client fails to download and install Definition Updates, MSE will continue to do a check, and attempt to update the Definition Updates during the daily scan. If your TMG blocks the client's Internet access, then they will continue to log HTTP 403 errors when this definition update attempt is executed. (This is why you configure multiple syncs and scans per day -- so the client *never* has to go to Microsoft to get the current definition updates.)


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.


    Wednesday, January 14, 2015 8:22 PM

All replies

  • Is there any setting possible that when user clicks on Update in Microsoft Security Essential the update request is forwarded to WSUS Server....????
    Tuesday, January 13, 2015 7:20 AM
  • Hi,

    Can these client get updates from WSUS server?

    0x80244018 means HTTP error 403. It means that the client is forbidden to access the requested resource.

    To check if the GPO has been applied to the client, please run the command below:

    • gpupdate /force
    • gpresult /h C:\report.html

    Note: This procedure needs the privilege of the domain administrator.

    Then we can check report to find out if the WSUS settings are applied to the client.

    Also, if it is possible, please post the windowsupdate.log of the clients here. It may give some hints.

    Best Regards.


    Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, January 14, 2015 6:21 AM
  • The error code i am getting is 0x80244018.

    This is an HTTP 403 error, which is generally (but not always) indicative of a proxy server interfering with the download. Assuming this is happening when the client is trying to get Definition Updates from Microsoft during the daily scan, this error will likely go away once you properly set up WSUS to provide the definition updates.

    I want to update MSE from WSUS not from microsoft update.

    To do this, you need the following:

    • The Definition Updates classification must be configured for synchronization.
    • An Automatic Approval rule that approves the Definition Updates classification for the appropriate target group(s) must be configured and enabled.
    • The policy setting Allow Automatic Updates immediate installation must be ENABLED.
    • Your WSUS server should be configured to synchronize multiple times per day (at least 2).
    • Your clients should be configured with a shorter Detection Frequency (8 hours is ideal).

    With the above configured, the clients will check the WSUS server 3x-4x per day, find the latest available Definition Update, download it and install it immediately.

    Note, however, that if the client fails to download and install Definition Updates, MSE will continue to do a check, and attempt to update the Definition Updates during the daily scan. If your TMG blocks the client's Internet access, then they will continue to log HTTP 403 errors when this definition update attempt is executed. (This is why you configure multiple syncs and scans per day -- so the client *never* has to go to Microsoft to get the current definition updates.)


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.


    Wednesday, January 14, 2015 8:22 PM
  • Is there any setting possible that when user clicks on Update in Microsoft Security Essential the update request is forwarded to WSUS Server....????

    No.

    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Wednesday, January 14, 2015 8:22 PM