Microsoft Defender protects Windows computers from viruses and threats. It updates itself in two main ways:
- Windows Update: Defender gets new files and definitions through regular Windows updates.
- Direct Defender Updates: Even if Windows Update is off, Defender can still update itself by connecting to Microsoft’s servers.
You can check when Defender last updated by running this command in PowerShell:
Get-MpComputerStatus | Select-Object AntivirusSignatureLastUpdated, AntivirusSignatureVersion | fl
If Defender isn’t updating, you might see errors like “Protection definition update failed (800704C6).” Here’s how to fix it step by step.
Table of Contents
- Solution 1: Check Internet and Update Settings
- Solution 2: Confirm Automatic Updates Are On
- Solution 3: Ensure Defender Services Are Running
- Solution 4: Try a Manual Update
- Solution 5: Fix Network or Proxy Issues
- Solution 6: Reset Defender’s Database
- Solution 7: Check Group Policy
- Solution 8: Review Event Logs
- Solution 9: Install Updates Manually
- Final Check
- Tips for Smooth Defender Updates
Solution 1: Check Internet and Update Settings
Make sure your computer is connected to the internet.
Check for update errors (like 80072f8f or 0x80072ee2). These often mean a network problem or a Windows Update policy block.
Open Windows Update settings and look for “Security Intelligence Update for Microsoft Defender Antivirus — KB2267602.” If it’s missing or stuck, you may need to reset Windows Update.
Solution 2: Confirm Automatic Updates Are On
- Open Windows Security (type ms-settings:windowsdefender in the Start menu).
- Go to “Virus & Threat Protection Updates.” You’ll see the current version and last update time.
- Run this PowerShell command to check update schedules:
Get-MpPreference | Select-Object SignatureScheduleDay, SignatureScheduleTime
Solution 3: Ensure Defender Services Are Running
Open PowerShell and run:
get-service WdNisSvc, WinDefend, wscsvc | select name, status, starttype
All services should show as “Running.”
Solution 4: Try a Manual Update
- Open Command Prompt as Administrator.
- Run:
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate
- If you see errors, check the log at %userprofile%\AppData\Local\Temp\MpCmdRun.log.
Solution 5: Fix Network or Proxy Issues
If you get error 0x8024401B, your computer might not reach Microsoft’s servers.
Test the connection:
tnc fe2cr.update.microsoft.com -port 443
Check proxy settings:
netsh winhttp show proxy
If the proxy is wrong, reset it:
netsh winhttp reset proxy
Solution 6: Reset Defender’s Database
If updates still fail, the database may be corrupted.
Reset with:
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -removedefinitions -all
Update again:
Update-MpSignature -Verbose
If you see “Access Denied” (0x80070005), turn off Tamper Protection in Windows Security first.
Solution 7: Check Group Policy
Run rsop.msc to see if Group Policy is blocking Defender updates.
Look under Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus.
Remove or adjust any settings that might block updates.
Solution 8: Review Event Logs
- Open Event Viewer.
- Go to Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational.
- Look for Event ID 2002 for successful updates or other errors.
Solution 9: Install Updates Manually
- Download the latest update file (mpam-fe.exe) from Microsoft’s official site.
- Reset Defender:
cd %ProgramFiles%\Windows Defender MpCmdRun.exe -removedefinitions -all
- Run the downloaded file as Administrator.
Final Check
Confirm everything is up to date:
Get-MpComputerStatus | Select-Object AntivirusSignatureLastUpdated, AntivirusSignatureVersion
Tips for Smooth Defender Updates
- Restart your computer after updates.
- Keep Windows up to date.
- Avoid third-party antivirus conflicts.
- Check settings regularly, especially after big Windows updates.
Microsoft Defender protects best when it’s up to date. Follow these steps to keep your computer safe and secure. If problems continue, consider seeking help from a trusted IT professional.