Defender Won’t Update With A Metered Connection

Topic

New Reply

[Paul T]

• You have Windows Home
• You want to prevent Windows Update automatically installing updates
• You set the network to “metered”

All is well, but there may be a hidden issue.
Windows Defender is not updating and not telling you.
This happens because Defender uses Windows Update to download definition updates as well as engine updates, but WU is on hold because of the “metered” connection.
Luckily, we can tell Defender to update manually and this bypasses WU.

The easiest way to do this is to create a daily Scheduled Task to run the update, but setting all the options is a little time consuming, so I have written this PowerShell to do the work for you.

1. Open a PowerShell window by pressing the Windows key and typing “powershell”.
2. Run the commands below to add the task.
3. Check the task by running Task Scheduler if you feel the need.

The command required to update the definitions is: MpCmdRun.exe -SignatureUpdate

cheers, Paul

PowerShell code

$DefenderTaskAction = New-ScheduledTaskAction -Execute '%comspec%' -Argument '/c start "" /min "C:\Program Files\Windows Defender\MpCmdRun.exe" -SignatureUpdate'
$DefenderTaskTrigger = New-ScheduledTaskTrigger -Daily -At 05:00
$DefenderTaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable

Register-ScheduledTask -Action $DefenderTaskAction -Trigger $DefenderTaskTrigger -Settings $DefenderTaskSettings -TaskName “Defender Update” -Description “Update Defender definitions if you have a metered connection”

 

• This topic was modified 3 years, 4 months ago by Paul T.

Reply | Quote

Replies

This is very useful, thanks Paul!

The “alternative” I came up with is to use WUMgr to entirely disable automatic updates in WU and set my connection back to unmetered: the Defender client apparently does not depend on WU to download updated definitions and with these settings I’m able to receive Defender updates automatically without worrying that WU will download other updates when it is not convenient for me.

1 user thanked author for this post.

Paul T

Reply | Quote

Berserker79 wrote:

the Defender client apparently does not depend on WU to download updated definitions

What version of Windows do you have? Windows 10 Pro since ver 2004 does NOT allow you to set Windows Updates as disabled unless you like having to MANUALLY update Defender each day (after temporarily enabling WU).

My Windows 8.0 Pro computer also has WU disabled yet it automatically updates Defender definitions each morning. My Windows 10 Pro 21H2 has to be updated manually for Defender each day and that started with version 2004.

Microsoft is determined to stop all Windows users from having control of their own computers. I like Defender. I wish I didn’t, but after all the years I used third party AV, I have zero desire to return to any of them now that Defender is sufficient (at least for those of us who are not reckless and who always practice safe computing). However, manual update each day is getting tiresome. I very much like my first Apple products (iPhone and Apple watch) and I may switch to Apple for my next computer as if I have to choose between the control of Apple’s walled garden or Microsoft’s iron fist continually taking more and more autonomy away from its users, I think I really may choose Apple for my next computer.

Reply | Quote

Mele20 wrote:

What version of Windows do you have? Windows 10 Pro since ver 2004 does NOT allow you to set Windows Updates as disabled unless you like having to MANUALLY update Defender each day (after temporarily enabling WU).

I’m on Windows 10 Pro 21H1. As mentioned above, I used WUMgr to set automatic Windows Updates as disabled and Defender still manages to regularly update on its own (without the need to temporarily enable WU).

Did you try disabling WU on your 21H2 computer using WUMgr and see whether that allows Defender to update on its own? If you haven’t so far, you might want to give WUMgr a try: it’s a relatively simple tool to use and gives you more control over the updates. I’ve been using it regularly on both my computers without any issues: with automatic updates disabled I no longer have to worry about postponing updates or having any update forcibly installed behind my back and when I’m ready to install the updates I just do it manually from within WuMgr without re-enabling WU.

Reply | Quote

I tried this but got following in the powershell window:

Register-ScheduledTask : A parameter cannot be found that matches parameter name ‘ScheduledJobOption’.
At line:1 char:114
+ … skTrigger -Settings $DefenderTaskSettings -ScheduledJobOption $Defend …
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Register-ScheduledTask], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Register-ScheduledTask

Reply | Quote

Can you post the whole bunch of commands and responses you get when trying to do this?

cheers, Paul

Reply | Quote

Here are all commands.

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\Users\Kenny> cd c:\
PS C:\> $DefenderTaskAction = New-ScheduledTaskAction -Execute ‘%comspec%’ -Argument ‘/c start “” /min “C:\Program Files\Windows Defender\MpCmdRun.exe” -SignatureUpdate’
PS C:\> $DefenderTaskTrigger = New-ScheduledTaskTrigger -Daily -At 05:00
PS C:\> $DefenderTaskSettings = New-ScheduledTaskSettingsSet -StartWhenAvailable
PS C:\> $DefenderTaskSettings.DisallowStartIfOnBatteries = $false
PS C:\> $DefenderTaskSettings.StopIfGoingOnBatteries = $false
PS C:\> $DefenderTaskopt = New-ScheduledJobOption -StartIfOnBattery
PS C:\> $DefenderTaskopt.StopIfGoingOnBatteries = $false
PS C:\> Register-ScheduledTask -Action $DefenderTaskAction -Trigger $DefenderTaskTrigger -Settings $DefenderTaskSettings -ScheduledJobOption $DefenderTaskopt -TaskName “Defender Update” -Description “Update Defender definitions if you have a metered connection”
Register-ScheduledTask : A parameter cannot be found that matches parameter name ‘ScheduledJobOption’.
At line:1 char:114
+ … skTrigger -Settings $DefenderTaskSettings -ScheduledJobOption $Defend …
+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Register-ScheduledTask], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Register-ScheduledTask

PS C:\>

Reply | Quote

See the OP above for the latest commands.
It seems there are different commands depending on which version of PowerShell (sigh).
These new commands follow the MS doco and work on my system.

$DefenderTaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable
Register-ScheduledTask -Action $DefenderTaskAction -Trigger $DefenderTaskTrigger -Settings $DefenderTaskSettings -TaskName “Defender Update” -Description “Update Defender definitions if you have a metered connection”

Let us know if it works.

cheers, Paul

Reply | Quote

As it was for good ol Command.com

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

This is what happened with the first command:

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\Users\Kenny> cd c:\
PS C:\> $DefenderTaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable Register-ScheduledTask -Action
New-ScheduledTaskSettingsSet : A positional parameter cannot be found that accepts argument ‘Register-ScheduledTask’.
At line:1 char:25
+ … kSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -Do …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-ScheduledTaskSettingsSet], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,New-ScheduledTaskSettingsSet

PS C:\>

Reply | Quote

You have concatenated the two commands. Each must be run on its own, not copied and pasted as one.

cheers, Paul

Reply | Quote

The way they show when you first posted them, they run one after the other. I figured the $ was the beginning of another command. Please repeat the commands, separating them by the line.

 

Reply | Quote

I’ve modified the OP. Use the commands from there.

cheers, Paul

1 user thanked author for this post.

Ken

Reply | Quote

Do you mean all the commands now showing in 2518255?

Starting with  PS C:\Users\Kenny> cd c:\

and ending with

+ ~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Register-ScheduledTask], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Register-ScheduledTask

PS C:\>

????????????????

Do I just copy the whole thing from beginning to end or hit “enter” to get a new command line for the next one, as I did before?

one line says: At line:1 char:114     do I enter this or??

 

Reply | Quote

Sorry, I have no idea where you got those lines from so I’m slightly confused by your question.

Start afresh with a new PowerShell window.
Copy each of the 4 commands one line at a time.
Paste the individual line into PowerShell by hovering over the PS window and right clicking.
Press Enter after each line.

cheers, Paul

Reply | Quote

Sorry, I am even more confused now! Please repeat the four lines, keeping them separate.

Reply | Quote

There are 4 commands in the original post. Run them in turn.

cheers, Paul

Reply | Quote

Tried again, got following:

PowerShell 7.2.1
Copyright (c) Microsoft Corporation.

https://aka.ms/powershell
Type ‘help’ to get help.

PS C:\Program Files\PowerShell\7> $DefenderTaskAction = New-ScheduledTaskAction -Execute ‘%comspec%’ -Argument ‘/c start “” /min “C:\Program Files\Windows Defender\MpCmdRun.exe” -SignatureUpdate’
PS C:\Program Files\PowerShell\7> $DefenderTaskTrigger = New-ScheduledTaskTrigger -Daily -At 05:00
PS C:\Program Files\PowerShell\7> $DefenderTaskSettings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable
>> Register-ScheduledTask -Action $DefenderTaskAction -Trigger
>> $DefenderTaskTrigger -Settings $DefenderTaskSettings -TaskName “Defender Update” -Description “Update Defender definitions if you have a metered connection”
ParserError:
Line |
3 | $DefenderTaskTrigger -Settings $DefenderTaskSettings -TaskName “Defe …
| ~~~~~~~~~
| Unexpected token ‘-Settings’ in expression or statement.

PS C:\Program Files\PowerShell\7>

 

Should I change directory to C:\  ???

 

Reply | Quote

I have no idea how you are managing to get the 3rd command to misbehave.
The >> characters indicate the command did not complete and you have then pasted the 4th command.

Are you modifying the commands, typing them, pasting them?

Try copying all the commands in one go and pasting them into Notepad.
Check that the commands match the ones in this thread.
Copy the lines one by one.
Paste the one line into the PowerShell window.
Press Enter and make sure you get the PS prompt back (PS C:\Program Files\PowerShell\7>)
Then copy the next line and repeat.

cheers, Paul

1 user thanked author for this post.

Ken

Reply | Quote

I have followed this all along.  I did not do anything after your last post. BUT, I see that Defender has been updated automatically the last couple of days!!! Strange.

 

However, another problem occurred this week: here (Win10Pro 21H2), I have gpedit set to notify before download/install. This week KB5008876 was installed without notification. I have checked all gpedit settings and they are OK.

Separately…

On my new HP laptop (Win11Pro 21H2) I configure gpedit to notify download/install. Defender updates are neither notified nor installed automatically. Follow your four commands there too?

 

Reply | Quote

Not surprised that Defender forced an update as it was probably way out of date.

Ken wrote:

On my new HP laptop

It won’t hurt to add a task to update Defender. Too many updates is better than not enough.

cheers, Paul

1 user thanked author for this post.

Ken

Reply | Quote

I am not sure what is going on….. on my Win11Pro last update in update history is 1/18. There is today a notification about update available. I looked, it is Defender, ready to download, but no download link.

I am worried that updates are not being dow3nloaded and installed.

Reply | Quote

Has the scheduled task run?

Does it update if you run
"C:\Program Files\Windows Defender\MpCmdRun.exe" -SignatureUpdate

What is the actual Defender update called?

cheers, Paul

Reply | Quote

I am not sure how to run this commend. I tried, got fo0llowing:

Microsoft Windows [Version 10.0.19044.1415]
(c) Microsoft Corporation. All rights reserved.

C:\Users\Kenny>cd C:\Program Files\Windows Defender\

C:\Program Files\Windows Defender>MpCmdRun.exe” -SignatureUpdate
‘MpCmdRun.exe” -SignatureUpdate’ is not recognized as an internal or external command,
operable program or batch file.

C:\Program Files\Windows Defender>\MpCmdRun.exe” -SignatureUpdate
‘\MpCmdRun.exe” -SignatureUpdate’ is not recognized as an internal or external command,
operable program or batch file.

C:\Program Files\Windows Defender>

 

On the other hand, looking at View Update history  gives a different result than WUmgr update history. See attached two files.  I have a similar result in my Win11Pro21H2 pc. Why the difference? Which is correct?

 

Reply | Quote

Ken wrote:

C:\Program Files\Windows Defender>MpCmdRun.exe” -SignatureUpdate
‘MpCmdRun.exe” -SignatureUpdate’ is not recognized as an internal or external command,
operable program or batch file.

You included a closing quotation mark without any opening quotation mark. Remove the ” from MpCmdRun.exe” and it will work.

1 user thanked author for this post.

Ken

Reply | Quote

Where do I see if the task scheduler has run?

Reply | Quote

Ken wrote:

Where do I see if the task scheduler has run?

In Task Scheduler – it has a last run column.

To run the command manually you need to copy the whole line and paste it, not cut it up onto bits and paste.

cheers, Paul

1 user thanked author for this post.

Ken

Reply | Quote