Microsoft Defender for Endpoint on Windows Server 2012 R2, Windows Server 2016


This update services the EDR sensor included in the new Microsoft Defender for Endpoint unified solution package released in 2021. For more information about prerequisites and installation steps refer to Onboard Windows servers to the Microsoft Defender for Endpoint service.

This article describes an update package for Microsoft Defender for Endpoint. This update supports the following OS running the new EDR sensor component (MsSense.exe):

  • Windows Server 2016

  • Windows Server 2012 R2

Version information

This package updates the EDR sensor component to the following version:

  • 10.8049.22439.1084

Package information

The package size is approximately 10MB.

Known issues in this update

No known issues.

Update information

This package includes updates and fixes to the Microsoft Defender for Endpoint EDR sensor that is used by Microsoft Defender for Endpoint installed on Windows Server 2012 R2 and Windows Server 2016.

This update addresses CVE-2022-23278 - Security Update Guide - Microsoft - Microsoft Defender for Endpoint Spoofing Vulnerability for machines running a preview version, installed before April 2022.

Note this update will only apply if the version of the EDR sensor is lower than the one in the update package. As we update the installer (MSI) package regularly, you may observe you are already on the latest version and the installation location will be in the program files directory, until such time a newer update gets released and applied.

How to obtain this update

This update is available from Microsoft Update.

Restart requirement

You do not have to restart the system after you install this update.

How to remove or roll back this update

This package cannot be uninstalled.

How to find the installed version number

The location of the MsSense.exe file is specified in the registry. This path includes the version number:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Advanced Threat Protection

'InstallLocation' value

EXAMPLE: C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\10.8040.22415.1001

You can check the file location and version information for MsSense.exe manually using the registry editor or by running the following PowerShell command:

Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Advanced Threat Protection\' -Name "InstallLocation"


Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!