Consider the following scenario. You install the Endpoint Protection point site system role in System Center 2012 Configuration Manager and set the Manage Endpoint Protection client on client computers client setting to True on the Endpoint Protection page. In this scenario, client computers are not updated with the latest Endpoint antimalware definition files.
This problem occurs because the following option is set to True:
Disable alternate sources (such as Microsoft Windows Update, Microsoft Windows Server Update Services, or UNC shares) for the initial definition update on client computersBe aware that this is the default setting.
To work around this problem, set the option that is mentioned in the "Cause" section to False. After you change this setting, the clients can download and install antimalware definition file updates immediately after installation as long as the client has access to one of the sources that hosts the files.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.