This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 97%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETP%3C/text%3E%3C/svg%3E)
OK guys, so i've been struggling with this issue for 2 now, at a total loss at the moment.
we received an audit stating our antivirus client version is at risk.
"The engine version of Microsoft Windows Defender installed on the remote Windows host is prior to
4.18.2001.112. It is, therefore, affected by a hard link elevation of privilege vulnerability which could allow an
attacker who successfully exploited this vulnerability to elevate privileges on the system."
I ran a Endpoint protection report and roughly half the servers in the environment is on version 4.10.2xxxx and the other half 4.18.2xxx
most docs states the if im using sccm i should just make sure that I've selected the correct products and classifications in wsus
The classifications i have selected are: critical updates, Definition Updates, Security Updates, Updates, Upgrades.
The products for AV that are selected: Forefront Client Security, System Center Endpoint Protection, Microsoft Security Essentials, Microsoft Defender Antivirus.
I tried manually installing the scepinstall.exe (found in the client install folder) on the servers but it just fails stated the version installed on the server is newer.
I tried totally cleaning the sccm agent and reinstalling but that did not help.
I tried searching for an offline version of the client and the closest i came was the link below.
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4052623
I downloaded the file and ried to install them but but that did not work.
All i want to do is just update this client; does anyone file a solution or had this issue before?
All servers are fully patched in the environment.
CM update case, changed the tag.
I've added some screenshots if it helps
@toca poca
Thank you for posting in Microsoft Q&A forum.
Here are many ways to update antimalware definitions:
To confirm with you, are you using SUP to deploy the updates, can you see the latest definitions of All software updates in your console? If so, you may try to create an ADR use method 1.
Or you can manually download the latest definition updates from Microsoft and then configure clients to download these definitions from a shared folder on the network use method 5.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks man, Yes im using SUP and all the definitions are upto date, its the client version that i need to increase to version 4.18xxx from 4.10xxx
