Windows Defender: Bypassing Group Policy software update settings


G

Guest

[ Microsoft this week released the replacement for Microsoft AntiSpyware
(beta 1), called Windows Defender (beta 2):
http://www.microsoft.com/antispyware ]

Two new features in Defender, when combined, are giving trouble. They are:

1) Configuration settings now controlled via Group Policy, and
2) Malicious and unwanted software signatures are downloaded via Windows
Update.

Our office network currently uses Software Update Services (SUS) because the
server set aside for this task isn't powerful enough to run Windows Server
Update Services (WSUS). A Group Policy Object (GPO) configures all
workstations to get all Windows updates from the local SUS server. We're
running AD2003, with the clients a mix of Windows 2000 (SP4) and XP (RTM,
SP1, SP2).

This is where the problem is. I'm testing Defender on a couple of
workstations and it turns out that it is unable to retrieve updates for
itself. Having run 'netstat' from the Command Prompt, I can see that Defender
is trying to connect to our SUS server (which doesn't have any Defender
definitions).

Can someone tell me how to either use Group Policy to instruct Defender to
get its updates directly from the Internet, or update SUS so that Defender
definitions are included? (Keep in mind that updating to WSUS is not an
option right now.)

Thanks,
desil.
 
Ad

Advertisements

G

Guest

Hmmm... I didn't see that. But they're top-secret private newsgroups! I'll
repost my message there. Will post back here if I get anything useful.

PA Bear said:
Microsoft has established separate newsgroups Windows Defender Beta2 support
and comments. See
http://www.microsoft.com/athome/security/spyware/software/newsgroups/default.mspx.

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org
[ Microsoft this week released the replacement for Microsoft AntiSpyware
(beta 1), called Windows Defender (beta 2):
http://www.microsoft.com/antispyware ]

Two new features in Defender, when combined, are giving trouble. They are:

1) Configuration settings now controlled via Group Policy, and
2) Malicious and unwanted software signatures are downloaded via Windows
Update.

Our office network currently uses Software Update Services (SUS) because
the server set aside for this task isn't powerful enough to run Windows
Server Update Services (WSUS). A Group Policy Object (GPO) configures all
workstations to get all Windows updates from the local SUS server. We're
running AD2003, with the clients a mix of Windows 2000 (SP4) and XP (RTM,
SP1, SP2).

This is where the problem is. I'm testing Defender on a couple of
workstations and it turns out that it is unable to retrieve updates for
itself. Having run 'netstat' from the Command Prompt, I can see that
Defender is trying to connect to our SUS server (which doesn't have any
Defender definitions).

Can someone tell me how to either use Group Policy to instruct Defender to
get its updates directly from the Internet, or update SUS so that Defender
definitions are included? (Keep in mind that updating to WSUS is not an
option right now.)

Thanks,
desil.
 
P

PA Bear

It's the "public" private beta newsgroup, not the "private" private beta
newsgroup. <w>
--
~PA Bear
Hmmm... I didn't see that. But they're top-secret private newsgroups! I'll
repost my message there. Will post back here if I get anything useful.

PA Bear said:
Microsoft has established separate newsgroups Windows Defender Beta2
support and comments. See
http://www.microsoft.com/athome/security/spyware/software/newsgroups/default.mspx.

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org
[ Microsoft this week released the replacement for Microsoft
AntiSpyware (beta 1), called Windows Defender (beta 2):
http://www.microsoft.com/antispyware ]

Two new features in Defender, when combined, are giving trouble. They
are:

1) Configuration settings now controlled via Group Policy, and
2) Malicious and unwanted software signatures are downloaded via
Windows Update.

Our office network currently uses Software Update Services (SUS)
because the server set aside for this task isn't powerful enough to
run Windows Server Update Services (WSUS). A Group Policy Object
(GPO) configures all workstations to get all Windows updates from the
local SUS server. We're running AD2003, with the clients a mix of
Windows 2000 (SP4) and XP (RTM, SP1, SP2).

This is where the problem is. I'm testing Defender on a couple of
workstations and it turns out that it is unable to retrieve updates
for itself. Having run 'netstat' from the Command Prompt, I can see
that Defender is trying to connect to our SUS server (which doesn't
have any Defender definitions).

Can someone tell me how to either use Group Policy to instruct
Defender to get its updates directly from the Internet, or update SUS
so that Defender definitions are included? (Keep in mind that
updating to WSUS is not an option right now.)

Thanks,
desil.
 
Ad

Advertisements

B

Bill Sanderson

I don't believe we have any useful answer except to update to WSUS, which
desil has already said is not possible. I hope desil is in touch with the
end of life statements at the SUS pages.

--

PA Bear said:
It's the "public" private beta newsgroup, not the "private" private beta
newsgroup. <w>
--
~PA Bear
Hmmm... I didn't see that. But they're top-secret private newsgroups!
I'll
repost my message there. Will post back here if I get anything useful.

PA Bear said:
Microsoft has established separate newsgroups Windows Defender Beta2
support and comments. See
http://www.microsoft.com/athome/security/spyware/software/newsgroups/default.mspx.

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org

desil wrote:
[ Microsoft this week released the replacement for Microsoft
AntiSpyware (beta 1), called Windows Defender (beta 2):
http://www.microsoft.com/antispyware ]

Two new features in Defender, when combined, are giving trouble. They
are:

1) Configuration settings now controlled via Group Policy, and
2) Malicious and unwanted software signatures are downloaded via
Windows Update.

Our office network currently uses Software Update Services (SUS)
because the server set aside for this task isn't powerful enough to
run Windows Server Update Services (WSUS). A Group Policy Object
(GPO) configures all workstations to get all Windows updates from the
local SUS server. We're running AD2003, with the clients a mix of
Windows 2000 (SP4) and XP (RTM, SP1, SP2).

This is where the problem is. I'm testing Defender on a couple of
workstations and it turns out that it is unable to retrieve updates
for itself. Having run 'netstat' from the Command Prompt, I can see
that Defender is trying to connect to our SUS server (which doesn't
have any Defender definitions).

Can someone tell me how to either use Group Policy to instruct
Defender to get its updates directly from the Internet, or update SUS
so that Defender definitions are included? (Keep in mind that
updating to WSUS is not an option right now.)

Thanks,
desil.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top