Monitoring Defender Updates using Intune Portal

In this post, Monitoring Defender Updates using Intune Portal. We will explore the Intune Portal to find the Status of Defender Updates for the Endpoints.

We will cover how to navigate the portal, locate the relevant information, and interpret the status reports to maintain optimal security across your network. Defender Updates refer to the updates provided by Microsoft to keep Microsoft Defender Antivirus (formerly known as Windows Defender) current and effective in protecting against the latest threats.

Applying these updates regularly is crucial for maintaining system security and integrity, as they ensure that Microsoft Defender Antivirus can protect against the latest security threats.

The updates are typically delivered through Windows Update but can be managed and monitored through enterprise tools like the Intune Portal. These updates typically include:

Patch My PC
  1. Security Intelligence Updates (or Definitions): These updates provide the latest information about new malware and potentially unwanted software, allowing Microsoft Defender Antivirus to identify and neutralize new threats.
  2. Platform Updates: These updates enhance the core functionality of Microsoft Defender Antivirus, improving its performance, stability, and security features.
  3. Engine Updates: These updates improve the antivirus engine’s scanning and detection capabilities, ensuring it can effectively detect and handle new types of malware.

In this post, we will focus on the types of information regarding Defender updates on endpoints that can be accessed through the Intune Portal.

Monitoring Defender Updates using Intune Portal 1
Monitoring Defender Updates Using Intune Portal

Manually Checking the Status of Defender Updates on a Device

Most of you know how to check for the Defender Updates status on your device, but to begin, let’s look at how to quickly check it on any Windows device. Just type and search Windows Security in the Start Menu of your device and open it as shown in the image:

Adaptiva
Monitoring Defender Updates Using Intune Portal Fig.1
Monitoring Defender Updates Using Intune Portal Fig.1

Now, on the Windows Security page, we need to open the Settings tab, which is located on the left-bottom side of the page, as highlighted in the screenshot below.

Monitoring Defender Updates Using Intune Portal Fig.2
Monitoring Defender Updates Using Intune Portal Fig.2

After clicking on Settings, you will be taken to another page where you will see the About option, marked yellow in the image below.

Monitoring Defender Updates Using Intune Portal Fig.3
Monitoring Defender Updates Using Intune Portal Fig.3

Once you click on About, it will display all the details about the Defender Updates and show you which version of the device is currently running.

Monitoring Defender Updates Using Intune Portal Fig.4
Monitoring Defender Updates Using Intune Portal Fig.4

Note! Also, Microsoft releases more than one Antivirus Version daily. To check for the latest Antivirus Version, you can visit the Security intelligence updates for Microsoft Defender Antivirus and other Microsoft Antimalware pages.

Monitoring Defender Updates using Intune

We just manually checked the status of Defender Updates on the endpoint. Now, we will see how to get the same and more information from the Intune Portal. It is not practical to manually check each device.

Once logged into Intune Portal using the link https://intune.microsoft.com/, click on the Reports Tab and then Microsoft Defender Antivirus as depicted below in the image.

Monitoring Defender Updates Using Intune Portal Fig.5
Monitoring Defender Updates Using Intune Portal Fig.5

It will take you to the Summary page. Here, you need to click on Reports to check for the device status. The summary page gives you the status of the state of devices, as seen below.

Monitoring Defender Updates Using Intune Portal Fig.6
Monitoring Defender Updates Using Intune Portal Fig.6

Once you click on the Reports tab, you will be taken to the page with the option to look for the reports mentioned below. They are:

  • Antivirus agent status
  • Detected malware
  • Click on Antivirus agent status to look for Defender Updates status on devices.
Monitoring Defender Updates Using Intune Portal Fig.7
Monitoring Defender Updates Using Intune Portal Fig.7

After clicking on Antivirus agent status, you will see the status of all the devices in your environment and which version they are running. You can then type the device’s name and look for the updated version.

This is the detailed report regarding the Defender updates, which you can look at and extract from the Intune Portal. There are multiple columns, which you can see if you scroll to the right on your screen.

Monitoring Defender Updates Using Intune Portal Fig.8
Monitoring Defender Updates Using Intune Portal Fig.8

To extract the report, click Export, as shown below, and choose the columns you want. The report will be downloaded. You can also open the report in Excel and look for the version details of the devices currently running in your environment.

Monitoring Defender Updates Using Intune Portal Fig.9
Monitoring Defender Updates Using Intune Portal Fig.9

This is how Intune Portal can help you check the details about the Defender Updates. In the next post, we will look into troubleshooting devices that are not getting updated with the latest Defender patches.

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click hereHTMD WhatsApp.

Author

Abhinav Rana is working as an SCCM and Intune Admin with several years of experience. He loves to help the community by sharing his knowledge. He is a B.Tech graduate in Information Technology.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.