HomeWinBuzzer NewsMicrosoft Defender Has A New Tool for Updating in Windows Images

Microsoft Defender Has A New Tool for Updating in Windows Images

A new tool for Microsoft Defender will ensure admins can update the security platform in-sync with Windows 10 and avoid a “protection gap.”


has recently gained a new feature that gives more power to system admins on . With the new ability, enterprise customers can have more control over scenarios of mass-installation through images.

When organizations want to update Windows 10 through Windows Imaging Format (WIM) or Virtual Hard Disks (VHD), they are forced to do so out of sync with Windows updates.

Installation images are often used multiple times over months so don't follow monthly Windows 10 update cycles. As such Defender (previously Windows Defender) will not receive update installation at the same time as the platform.

Windows 10 would eventually allow Defender to catch up by pulling in a new update. However, in the time between there will be what Microsoft is calling a “protection gap.”

“Initial hours of newly installed Windows OS deployments can suffer with Microsoft Defender protection gap, as the installation OS images may contain outdated Anti-Malware Software binaries. These devices will remain under protected until the first Anti-Malware software update finishes. Regular servicing of OS installation images to update Microsoft Defender binaries minimizes this protection gap in new deployments.”

Bridging the Gap

Microsoft points to this window potentially providing attackers more chance of success when targeting Windows machines. To overcome the problem, the company has created a new tool in Defender.

With the feature, the security service will give admins the opportunity to update WIM and VHD installation images ahead of deployment. Microsoft says the tool is available on 32-bit and 64-bit systems for Windows 10 (Enterprise, Home, Pro), Windows Server 2016, and Windows Server 2019.

Admins run the tool through DefenderUpdateWinImage.ps1 in PowerShell. Below is the path for admins to install the update with PowerShell:

C:\> DefenderUpdateWinImage.ps1 – WorkingDirectoryAction AddUpdate – ImagePath  -Package

If there are any issues, it's possible to roll back the update if needed:

C:\> DefenderUpdateWinImage.ps1 – WorkingDirectoryAction RemoveUpdate – ImagePath 

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News