Clients don't update with the latest antimalware definition files after the Endpoint Protection point role is installed
This article introduces a workaround for the issue that clients are not updated with the latest antimalware definition files after you install the Endpoint Protection point site system role in Configuration Manager.
Original product version: Microsoft System Center 2012 Configuration Manager
Original KB number: 2688242
Symptoms
You install the Endpoint Protection point site system role in Configuration Manager and set the Manage Endpoint Protection client on client computers setting to True on the Endpoint Protection page. In this scenario, client computers are not updated with the latest antimalware definition files.
Cause
This problem occurs because the Disable alternate sources (such as Microsoft Windows Update, Microsoft Windows Server Update Services, or UNC shares) for the initial definition update on client computers option is set to True which is the default setting.
Workaround
To work around this problem, set the Disable alternate sources (such as Microsoft Windows Update, Microsoft Windows Server Update Services, or UNC shares) for the initial definition update on client computers option to False. After you change this setting, the clients can download and install antimalware definition file updates immediately after installation as long as the client has access to one of the sources that hosts the files.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for