Skip to main content

Security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware

Microsoft continually updates security intelligence in antimalware products to cover the latest threats and to constantly tweak detection logic, enhancing the ability of Windows Defender Antivirus and other Microsoft antimalware solutions to accurately identify threats. This security intelligence works directly with cloud-based protection to deliver fast and powerful AI-enhanced, next-generation protection.

Microsoft security intelligence updates include software that incorporates material from third parties. Third-party notices and information

Automatic updates

To help ensure your antimalware solution detects the latest threats, get updates automatically as part of Windows Update. If you are having problems with Windows Update, use the troubleshooter.

If you don't already use Windows Defender Antivirus, learn how to turn it on.

Trigger an update

A manually triggered update immediately downloads and applies the latest security intelligence. This process might also address problems with automatic updates. Windows Defender Antivirus and other Microsoft antimalware solutions provide a way to manually trigger an update.

In Windows 10, select Check for updates in the Windows Security Virus & threat protection screen to check for the latest updates.

Enterprise administrators can also push updates to devices in their network. To clear the current cache and trigger an update, use a batch script that runs the following commands as an administrator:

cd %ProgramFiles%\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate
	        

Manually download the update

You can manually download the latest update.

Latest security intelligence update

The latest security intelligence update is:

  • Version: 1.305.2530.0
  • Released: 11/21/2019 5:48:17 AM
  • Documentation: Release notes

You need to download different security intelligence files for different products and platforms. Select the version that matches your Windows operating system or the environment where you will apply the update.

Note: Starting on Monday October 21, 2019, the Security intelligence update packages will be SHA2 signed.
Please make sure you have the necessary update installed to support SHA2 signing, see 2019 SHA-2 Code Signing Support requirement for Windows and WSUS.

Windows Defender Antivirus for Windows 10 and Windows 8.1 32-bit | 64-bit | ARM
Microsoft Security Essentials 32-bit | 64-bit
Windows Defender in Windows 7 and Windows Vista 32-bit | 64-bit
Microsoft Diagnostics and Recovery Toolset (DaRT) 32-bit | 64-bit
Forefront Server Security 32-bit | 64-bit
Forefront Endpoint Protection 32-bit | 64-bit
System Center 2012 Configuration Manager 32-bit | 64-bit
System Center 2012 Endpoint Protection 32-bit | 64-bit
Windows Intune 32-bit | 64-bit

The links point to an executable file named mpam-fe.exe, mpam-feX64.exe, or mpas-fe.exe (used by older antispyware solutions). Simply launch the file to manually install the latest security intelligence.

End of life for Microsoft Forefront Client Security was on July 14, 2015. Customers are encouraged to migrate to System Center Endpoint Protection. For more information, visit the Microsoft support lifecycle website.

Network Inspection System updates

The following products leverage Network Inspection System (NIS) updates:

  • Microsoft Security Essentials
  • Forefront Endpoint Protection
  • System Center 2012 Endpoint Protection

These updates are designed to protect you from network threats, including exploits as they are transmitted. Check the version of the Antimalware Client component on your security software and download the right version of the NIS updates for your platform.

4.1.522.0 and newer Network Real-time Inspection definitions 32-bit | 64-bit