Windows Defender Automatic update
Give us the option to allow Windows Defender on Windows Server 2016 to update automatically.
Why would anyone want to wait for a maintenance window to install windows defender updates via windows update?
If I turn on automatically install updates everything would be installed including definition updates but the server might reboot because of system and security updates.
Perhaps remove Windows Defender signatures from WSUS and let it update on its own like most AV
I totally agree with this. It is pure having to manually install the Defener definitions.
This is only to Prevent the Server from unexpected reboot when automatic Installation is turned on.
So there should be different categories to choose from:
1. Non-invasive updates like Defender definitions that can Always install automatically.
2. Other non invasive updates that do not require a reboot. This should be an Option to automatically install or not
3. Other updates that require a reboot. These should be optional to either notify, only download or download and install automatically.
The way it is now it is ridicolus for a server operation.
Valentijn Scholten I think you're missing the point, Windows Defender updates only install automatically if you have Download & Install selected which is fine for a client machine running Windows 10, but it's not good practice for servers, it never has been and it never will be.
Definition updates aren't disruptive and don't fall under the same category as security patches, it should be an automated process with no user intervention, like it is with every other anti-virus product on the market.
You can't compare the update schedule on a Windows 10 box to a Server 2016 box, the 2 are completely different and so are the update schedule requirements, one affects a single user, the other affects a server which impacts the entire network if something goes wrong with a security patch.
Valentijn Scholten commented
Windows Defender (signature) updates should just automatically install. Most people have windows updates set to "Download and notify" so they have a choice of when to install these updates as they can be disruptive. The same thing happens on Windows 10 BTW
Corneliu Eva commented
Perhaps MS doesn't expect anyone to run its AV solution on 2016?
Cmon MS, this is a **** logical action for updating your AV.