Microsoft Defender Antivirus is a major component of the next-generation protection of Microsoft Defender for Endpoint. This protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices in your organization. Microsoft Defender Antivirus is built into Windows, and it works with Microsoft Defender for Endpoint to provide protection on your device and in the cloud. Please see the following guides: Install Wim: How to Add Packages to Windows image the DISM Tool, how to add boot and install images to WDS and configure Multicast transmission via the GUI and WDSUTIL, and What are the differences between Capture image, Discover image, Install and Boot images (Windows PE).
In order to verify that the Microsoft Defender Antivirus update has been correctly updated in the install.wim image, we will be using the following steps below. Here is a detailed guide on “how to install ADK, MDT, and WDS: How to deploy Windows images via Microsoft Deployment Toolkit and Windows Deployment Services“.
Steps to view Microsoft Defender update
Launch PowerShell with Administrative privilege by right-clicking on it as shown below.
Type the following command to open the directory with the extracted file and hit the Enter button. In the command, ensure you specify the path of the folder with the extracted files. This command will open the folder with the extracted files inside as shown below
cd PATH\TO\THE\DEFENDER-UPDATE-KIT cd C:\Users\Christian\Documents\defender-update-kit-x64
Type the following command in order to view the Microsoft Defender Antivirus update.
.\DefenderUpdateWinImage.ps1 -WorkingDirectory "DEFINED_TEMP-LOCATION" -Action ShowUpdate -ImagePath "PATH\TO\INSTALL.WIM" .\DefenderUpdateWinImage.ps1 -WorkingDirectory "C:\Users\Christian\Documents\Windefprocess" -Action ShowUpdate -ImagePath "C:\Users\Christian\Documents\Image\install.wim"
The images below show the command is currently running and afterward the results will be displayed. During this process, the image will be mounted and dismounted when the operation is complete.
Please exercise a little patience. As you can see below, the script has been successfully executed, and the installed updates are displayed.
As you can see in the image above, these are the same Engine, Platform, defender package, and security intelligence versions as updated in this guide “how to update Microsoft Defender Antivirus into the install image of Windows (install.wim)“.
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.