none
Windows Defender definitions are not deploying via WSUS to Windows 7 sp1

    Question

  • Hi guys,

    Windows Defender definitions are not deploying via WSUS 3.0 sp2 on server 2003 r2 sp2 to all of our Windows 7 sp1 machine. Group policy is set for windows defender to go to the internal WSUS site  and the latest definitions have been approved in WSUS.

    Automatic updates is seeing the definitions as not applicable when the machine is on 1.117.2549.0 and the version available for out internal WSUS Box is 1.119.772.0

    The Client was on 1.95.191.0 before hand and i tried a manual install of the latest definitons (1.117.2549.0) to see if this can start the process going again but this did not work. 

    We have checked in WindowsUpdate.log and it says "* Found 0 updates...."

    We have tried updating directly with in windows defender and it doesn't work and nothing relevant is appering in the event viewer.

    Please help.  

    lundi 30 janvier 2012 16:13

Réponses

  • Hi guys,

    I have found out that Windows defender was not updating via WSUS due to Windows defender was getting uninstalled when Mcafee was installed.

    After doing loads of testing and building Virtual machine and removing the silent switches off the mcafee install, i found the problem. Even tho mcafee doesnt unstall windows defender it does stop it from getting definition updates from WSUS. Im not sure how, maybe a reg key but i wasnt able to find the regkey.

    If anyone out there knows a way to get round this, It would be a great help if you can get back to me.

    Thanks

    Zubs

    • Marqué comme réponse Zubs7 vendredi 30 mars 2012 15:21
    vendredi 30 mars 2012 15:21

Toutes les réponses

  • look for logs in C:\Windows\SoftwareDistribution

    and enable windows defender updates in WSUS/Options/Products and classifications

    lundi 30 janvier 2012 18:18
  • Hi guys,

    Windows Defender definitions are not deploying via WSUS 3.0 sp2 on server 2003 r2 sp2 to all of our Windows 7 sp1 machine. Group policy is set for windows defender to go to the internal WSUS site  and the latest definitions have been approved in WSUS.

    Automatic updates is seeing the definitions as not applicable when the machine is on 1.117.2549.0 and the version available for out internal WSUS Box is 1.119.772.0

    The Client was on 1.95.191.0 before hand and i tried a manual install of the latest definitons (1.117.2549.0) to see if this can start the process going again but this did not work. 

    We have checked in WindowsUpdate.log and it says "* Found 0 updates...."

    We have tried updating directly with in windows defender and it doesn't work and nothing relevant is appering in the event viewer.

    Please help.  


    Obviously,Automatic updates was seeing the definitions as not applicable when the machine is on 1.117.2549.0, that is the key here,and that's why you tried a manual install of the latest definitons (1.117.2549.0) and it's failed! It is not suitable to your clients and so it says "* Found 0 updates....".

    As I research,the newest version of Windows Defender definitions are the Kb915597(definition 1.119.772.0 released on 1/26/2012) and can be depolyed via WSUS to all WIN 7.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    mardi 31 janvier 2012 06:18
    Modérateur
  • Hi batina80

    Thanks for your reply

    The windows defender updates in WSUS/Options/Products and classifications have already been enabled hence me saying "the version available for our internal WSUS Box is 1.119.772.0"

    We have already looked in the logs on C:\Windows\SoftwareDistribution and it just has entries such as this one below (Showing 0 updates detected.)

    {DC403083-5E5A-44E9-9522-D511CAEC652B} 2012-01-31 05:08:14:634-0000 1 147 101 {00000000-0000-0000-0000-000000000000} 0 0 Windows Defender Success Software Synchronization Windows Update Client successfully detected 0 updates.

     

     

    mardi 31 janvier 2012 08:58
  • Hi Clarence

    Thanks for the reply.

    We have already released 1.119.772.0 via WSUS it is not this particularl definition it is all the definitions. 

    We have been approving them since 1.117.2549 to the current definition 1.119.772.0 and they all are showing as 0 updates detected.

     

     

     

    mardi 31 janvier 2012 10:02
  • did u tried

    net stop wuauserv

    Then Delete all in c:\windows\SoftwareDistribution

    net start wuauserv

    wuauclt /detectnow

    mardi 31 janvier 2012 11:37
  • Hi batina80

    Yes i have tried that as well. That was one of the first things i tried doing.

    Also we have rebooted the WSUS box as well.



    • Modifié Zubs7 mardi 31 janvier 2012 13:49
    mardi 31 janvier 2012 11:46
  • did u tried to manually update Windows Defender

    I had a similar problem with all updates for windows 7 but I realized that i approved all at once and wsus neaded time to download all, check wsus database now and check again in a day or two if it is same problem wsus database should be increased.

    mardi 31 janvier 2012 18:10
  • Hi guys,

    Windows Defender definitions are not deploying via WSUS 3.0 sp2 on server 2003 r2 sp2 to all of our Windows 7 sp1 machine. Group policy is set for windows defender to go to the internal WSUS site  and the latest definitions have been approved in WSUS.

    Automatic updates is seeing the definitions as not applicable when the machine is on 1.117.2549.0 and the version available for out internal WSUS Box is 1.119.772.0

    The Client was on 1.95.191.0 before hand and i tried a manual install of the latest definitons (1.117.2549.0) to see if this can start the process going again but this did not work. 

    We have checked in WindowsUpdate.log and it says "* Found 0 updates...."

    We have tried updating directly with in windows defender and it doesn't work and nothing relevant is appering in the event viewer.

    Please help.  

    The newest updates for Windows Defender definitions is Kb915597(definition 1.119.772.0 released on 1/26/2012),the others are  superseded.Even if you approve the 1.117.2549.0,it will not be detected as needed(it is not applicated due to definition 1.119.772.0 released).

    I confused on what exactly your problem is. As i see, you just need to approve Kb915597(definition 1.119.772.0) and decline all the Windows Defender definitions which has been superseded by (definition 1.119.772.0).

    If Kb915597(definition 1.119.772.0 released on 1/26/2012) has been deployed successfully, then everything is ok.

     

    Best regards,

    Clarence


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    mercredi 1 février 2012 03:11
    Modérateur
  • Hi Batina80,

    i have manually updated windows defender and it has worked.

    also its not all the updates from WSUS its just the windows defender updates that dont seem to download.

    mercredi 1 février 2012 11:02
  • Hi Clarence,

    we have already approved the newest version of the definition on WSUS which is (1.119.772.0) and we have historical been approving the definitions since (1.117.2549.0)

    The definition 1.119.772.0 is approved in WSUS but is does not seem to deploy to the windows 7 machines.

    mercredi 1 février 2012 13:23
  • Hi Clarence,

    we have already approved the newest version of the definition on WSUS which is (1.119.772.0) and we have historical been approving the definitions since (1.117.2549.0)

    The definition 1.119.772.0 is approved in WSUS but is does not seem to deploy to the windows 7 machines.

    Asked and answerd weekly in this forum
    1. The updates are not approved.
    2. The updates are not approved for the right group(s).
    3. The client is not assigned to the right group(s) - when Client-Side Targeting is being used.
    4. The Options | Computers setting on the WSUS server is inconsistent with the GPO settings.
    5. The files for the approved updates are not downloaded to the WSUS server.

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    jeudi 2 février 2012 05:56
    Modérateur
  • Hi Clarence,

    we have already approved the newest version of the definition on WSUS which is (1.119.772.0) and we have historical been approving the definitions since (1.117.2549.0)

    The definition 1.119.772.0 is approved in WSUS but is does not seem to deploy to the windows 7 machines.

    Asked and answerd weekly in this forum
    1. The updates are not approved.
    2. The updates are not approved for the right group(s).
    3. The client is not assigned to the right group(s) - when Client-Side Targeting is being used.
    4. The Options | Computers setting on the WSUS server is inconsistent with the GPO settings.
    5. The files for the approved updates are not downloaded to the WSUS server.

     


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Hi Clarence,

    Thank you replying.

    I have looked thru the questions already asked on this forum and it does not answer my question or resolve the problem i am having with wsus not deploying Windows Defender definitions to windows 7 machines.

    The clients are in the right groups and the definitions have been approved in WSUS. But this is this not deploying to windows 7 machines.

    1.The updates are not approved. - They are Approved.
    2.The updates are not approved for the right group(s). - The clients have been approved in the right groups
    3.The client is not assigned to the right group(s) - when Client-Side Targeting is being used. - The client have been assigned to the right group if this was the case then nothing would be deploying via WSUS.
    4.The Options | Computers setting on the WSUS server is inconsistent with the GPO settings. - They consistent as i have my colleague also go thru and check it.
    5.The files for the approved updates are not downloaded to the WSUS server. - They are downloaded to the WSUS Server.

    Clarence i know you are trying to help me but you dont seem to have read the question i have asked in the first place. As you just keep saying things i have already said.

    WSUS is working Fine in deploying updateds to the windows 7 machines apart from the Windows Defender definitions deploying to windows 7 machines.

    The current definition (1.119.978) is approved in WSUS but it is reporting as no staus on the WSUS server.  

    • Modifié Zubs7 lundi 6 février 2012 12:00
    lundi 6 février 2012 11:51
  • Hi,

    Pls try to decline all the superseded Windows Defender definitions approved before,and just approve latest definition 1.119.772.0 to see whether the reporting status is nomal.

    Also have a logon to see whether there is any win7 os successfully deployed with 1.119.772.0.

    Best regards,

    Clarence


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.


    mardi 7 février 2012 01:39
    Modérateur
  • Hi Clarence,

    I have approved the latest definition and declined the rest the reporting status does not change.

    Thanks

    jeudi 16 février 2012 10:52
  • Hi guys,

    I have found out that Windows defender was not updating via WSUS due to Windows defender was getting uninstalled when Mcafee was installed.

    After doing loads of testing and building Virtual machine and removing the silent switches off the mcafee install, i found the problem. Even tho mcafee doesnt unstall windows defender it does stop it from getting definition updates from WSUS. Im not sure how, maybe a reg key but i wasnt able to find the regkey.

    If anyone out there knows a way to get round this, It would be a great help if you can get back to me.

    Thanks

    Zubs

    • Marqué comme réponse Zubs7 vendredi 30 mars 2012 15:21
    vendredi 30 mars 2012 15:21
  • If anyone out there knows a way to get round this, It would be a great help if you can get back to me.

    From a practical perspective, you shouldn't have multiple AV/AM engines active on the same system anyway. In fact, I suspect it wasn't McAfee doing the deed, but rather WD disabling itself having detected another known AV/AM vendor's installation.

    For more on this topic, I would suggest posting in the security forums, now that we've determined it's not a WSUS issue. :-)


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    vendredi 30 mars 2012 18:37
    Modérateur