![]() Your protection capabilities will be 48 hours late. Try to avoid this if there is not a really good reason. Security intelligence updates are delivered with a 48 hour delay to the clients. Updates are offered after the MGRM has completed. This should be the default for most client devices. The devices in this channel will receive the updates at the end of the MGRM. Setting name: SecurityIntelligenceUpdatesChannel Channel If you don’t want to configure a gradual rollout, just let the configuration untouched and you will use the Microsoft gradual rollout model (MGRM). This is not a good option if you do not have any devices in other channels, because it limits your ability to detect any problems before they hit all devices. If you choose to completely disable gradual rollout (which you shouldn’t), the device will be set in the broad channel. ![]() Especially when talking about signature updates a staged rollout can minimize the impact of the detection of false positives.īut also a new engine update or platform update could introduce unwanted side effects on your devices and testing is therefore important. Many companies don’t want to update all their devices at the same time to the most current version of a product. If you want a look behind the curtain of Microsoft Defender for Endpoint and it’s history inside of Microsoft, you should follow him on Twitter and wait for the release of #thebookofmde he and Joe are currently writing. The previous version is kept in case a rollout is necessary.Ĭurrent and last platform version AttributionĪ big thanks goes out to Paul Huijbregts (Senior PM at Microsoft) who double checked my info graphic below. Check this website for release notes.Īfter installing this update new platform version will be installed in a subfolder beneath %OSDrive%\ProgramData\Microsoft\Windows Defender\Platform\. It can contain new features as well as fixes for existing ones.ĭeployed using KB4052623 through the Microsoft update channels. You can find the related release notes hereĬontains update to the core detection engineĭeployed as part of the security intelligence updates ![]() ![]() Update typeĬontains new and updated malware detections.ĭeployed using KB2267602 through the Microsoft update channels. Different update typesīut let’s take a step back and get a common understanding whats the difference between those different updates is and how they are deployed. This allows for a more gradual rollout of security intelligence updates, the engine as well as the AV platform. One of the features of Microsoft Defender Antivirus that, in my opinion, is overlooked by most, is the ability to control the rollout of all components of Microsoft Defender Antivirus by selecting different release channels. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |