Export (0) Print
Expand All

Forcing an Endpoint Protection Definition Update in Windows Intune

Updated: November 1, 2013

Applies To: Windows Intune

Windows Intune Endpoint Protection determines whether software that it detects on managed computers is a virus, spyware, or other potentially unwanted software and generates alerts to inform you when there are potential risks. Malicious software, or malware, definitions are files that serve as an encyclopedia of potential software threats. Endpoint Protection works with Windows Update to install new definitions automatically as soon as they are released. By default, Endpoint Protection checks for the latest malicious software definitions before you run a scan.

If malicious software definitions on a managed computer are out of date by 14 days, this condition is indicated in the Windows Intune administrator console with a protection warning. In the Endpoint Protection workspace, under Malware Status in the Overview pane, a “Malware definitions out-of-date” warning is displayed. You can manually update malicious software definitions on the managed computer to resolve this issue.

You can update malicious software definitions by running a remote task or by updating malware definitions directly on the managed computer.

  1. Open the Windows Intune administrator console.

  2. In the workspace shortcuts pane, click the Groups icon, and then do one of the following:

    • To locate an individual computer on which to run the scan, in the navigation pane, click Overview if it is not already selected, and then type the partial or full name of the computer in the Search devices box.

    • To locate a group of computers on which to run the scan, in the navigation pane, expand All Devices, click the group name, and then click the Devices tab.

  3. Select the computer, or press and hold the Ctrl key to select multiple computers.

  4. On the Remote Tasks list on the taskbar, click Update Malware Definitions.

  5. Review the confirmation message, and then click Close.

    To view the task status, click the Remote Tasks link in the bottom right corner of the Windows Intune administrator console

    The Task Status dialog box lists current remote tasks, task status, device name, and any reported errors, and provides a link to troubleshooting information, if appropriate.

    To initiate follow-up commands, right-click the task, and then choose one of the actions described in the following table.


    Status Explanation Available actions


    The task was sent to the Windows Intune administrator console but it has not yet been delivered to the targeted computer.

    Copy Text


    The task was successfully delivered to the computer and is running.

    Copy Text


    The task completed successfully.

    Clear, Copy Text


    The task did not succeed.

    Retry, Clear, Copy Text

  1. On the managed computer on which you want to update malicious software definitions, open Windows Intune Endpoint Protection.

  2. Click the Update tab, and then click Update.

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft