Deploying Windows Defender Antivirus Definition Updates to Offline Computers

If you need to push Microsoft Windows Defender definition updates to offline computers, here’s how to do it:

  1. Download the version of the Microsoft security intelligence file that is appropriate for your target computers’ operating systems. On the following page Microsoft has links to all of the various flavors that this file comes in. At the time of this writing, those files cover updates for the following different products:

    • Microsoft Defender Antivirus for Windows 11, Windows 10, Windows 8.1, and Windows Server 32-bit | 64-bit | ARM
    • Microsoft Security Essentials 32-bit | 64-bit
    • Windows Defender in Windows 7 and Windows Vista 32-bit | 64-bit
    • Microsoft Diagnostics and Recovery Toolset (DaRT) 32-bit | 64-bit
    • System Center 2012 Configuration Manager 32-bit | 64-bit
    • System Center 2012 Endpoint Protection 32-bit | 64-bit
    • Windows Intune 32-bit | 64-bit
  2. After you download the appropriate security intelligence file, you’ll have one of the following three executeable files: mpam-fe.exe, mpam-feX64.exe, or mpas-fe.exe. The executable can be manually installed on a given computer by simply running it (double-click on it or execute it from the cmd prompt). However, to deploy this file to numerous offline computers through BatchPatch you need to setup a BatchPatch Deployment. For the sake of this example I will be using mpam-fe.exe. If you are using a file with a different name, please adjust the instructions below accordingly to match your filename.
  3. In BatchPatch select Actions > Deploy > Create/modify
  4. In the Deploy window, add a title, then browse to the path of the mpam-fe.exe file on your computer. Your deployment configuration should look similar to mine in the screenshot below. Note, the parameters field is empty because the mpam-fe.exe file is built to be executed as-is without any additional switches/parameters.
  5. Click the double-right arrow button to save the deployment. Then close the Deploy window.
  6. You’re now ready to execute your deployment. Highlight the desired target computers in your grid, and then select Actions > Deploy > Execute saved deployments > Defender Definitions. This will execute the deployment for all selected/highlighted hosts. When the deployment is executed, BatchPatch will copy the mpam-fe.exe file to each target computer and then execute it, remotely, to apply the update definitions contained in the file. That’s all there is to it.
This entry was posted in Blog, General, Tutorials and tagged , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.