Definition Updates vs Program Updates: About the Delivery Mechanism


Ian E

To the Windows Defender Developers: a fine point for your consideration.

I would like to express my opinion that your use of the Windows Update (or
Microsoft Update) mechanism to deliver PROGRAM updates for Windows Defender
is a good thing. However, for the delivery of DEFINITION updates, I think
it is a bad thing. I feel that the program itself should obtain & install
DEFINITION updates on its own and NOT make use of Windows Update.

My reason for suggesting this is that I choose to NOT enable the "Automatic
Updating" capability of Windows Update, and instead choose to review /
schedule the application of PROGRAM updates in order to minimize disruption.
I know that there are many system administrator types like me out there who
choose to do the same thing.

As a consequence, I do not receive the relatively inconsequential Windows
Defender DEFINITION updates automatically and have to review / install each
one manually.

So unless there will be some sort of a slipstreaming mechanism in the next
version of Windows Update (or Microsoft Update) to be delivered with the
next version of Windows, where the relatively inconsequential Windows
Defender DEFINITION updates can be downloaded/installed automatically (and
more consequential updates held pending review), I think you should move
that capability back to Windows Defender. As I said earlier, this is where
I think it actually belongs.

Thank you.


See the following article posted in the Announcements newsgroup on 8/1/2006:

Subject: Daily definition updates August 1-August 15



I agree with you completely.

In addition to the points you have made:
WU/MU trigger the creation of a System Restore Point when they download.
This is a good thing in general since they often make Important/Major changes
to the system or programs. Unfortunalty they also trigger a Restore Point
when making minor updates to WDs definition database.

If checking for new sigs/dats were handled by the WD Progam/Service itself
this could be avoided by removing the SRP "trigger" from WD when it updates
those signatures.

My McAfee Antivirus checks for new signatures EveryDay! It finds them 5 or
6 days a week and adds them to its list. Each update of the sigs is about
200KB and takes less then 2 minutes on my modem. No System Restore Point is
created !!!
If McAfee can do it this way with autoupdates, why can't Microsoft ???

Geek w/o Portfolio

Bill Sanderson MVP

That post suggested giving feedback in thread, and also gave another address
for feedback.

This group is definitely appropriate as well, though--you aren't the first
to post this at all. SBS users are particularly miffed at this mechanism.



Agree entirely. I have long been of the opinion that if one goes to the
trouble of installing an AntiSpyware prog - the object is surely to protect
oneself. Right?. Why then, should we want to be given the option of whether
or not we want to install the latest def updates which are hopefully going to
protect us from the latest threats? Surely it is axiomatic that we would want
and expect them to be updated automatically in the same way virus defs are.
All we need is some indication of when this has been done.


Bill Sanderson MVP

I would prefer, myself, that Microsoft put the energy into "fixing"
AutoUpdate in a way that will eliminates some of the critiques in this and
other threads on the subject, rather than developing from scratch some new
update mechanism.



The fact is that it's very easy to make the Defender Updates work this way
without loosing control of when the other updates, such as Critical Windows
Updates, occur.

This morning I found 12 updates waiting for me to install, including those
for Office, Cumulative IE and Windows itself. Also during the night the
Defender Definition Update occured automatically just before the daily scan
as scheduled. I have yet to install the Critical Updates, not because I have
any intent not to, but rather because a reboot of this old PII 400 with
Windows 2000 is excruciating and must be planned to avoid wasting my time.

Automatic Updates on this PC are set to 'download, but let me choose when to
install'. This results in the updates being available to install at a moments
notice, but not until I decide I'm ready for it to happen. It also allows the
Defender Update to occur, since the file is waiting for the next request by
Defender to install it.

The group responsible for the Windows/Microsoft Automatic Updates at MS has
been tuning its operation over the last couple years, especially since the
Anti-Malware Team has started making use of this system for both Defender and
the Live OneCare protection programs. You can choose to fight this system or
find a way to make it work for you, as I have. Either way, I doubt that any
significant change in the actual choice to use Automatic Updates will occur,
since that is the update system in place.


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question