Updating Security Essentials (virus) definitions

[W. eWatson]

Hi, W.

MSE (Microsoft Security Essentials) has its own control panel, including
several options on the Settings tab. Among others, I have checked the
box to "Check for the latest virus and spyware definitions before
running a scheduled scan", and I've set it to run a Quick scan once a
week. Definition updates arrive at least once a day, but I can manually
check during the day, too.

WU = Windows Update - checks for updates to the Windows operating system.
MU = Microsoft Update - checks for updates to Windows PLUS Word and
other Microsoft applications you might have installed.
AU = Automatic Update - as you guessed.

All these settings are available from Start | Windows Update. On the
main WU screen, click "Change settings". On the next page, check the box
under "Microsoft Update". And also choose whether and when to check for,
download and install updates.

I've been using MSE since it first became available a couple of years
ago. I like it! ;<)

RC

....

Thanks. I do not see any Sec Ess updates present. Either the tool or for
viruses.

If I got to the MSE page Update tab, it shows Update. Virus definitions
were last checked 11/13/11, today. Defs last created on 11/12/11. Where
do I get to choose when and if I want defs installed? Maybe there is no
choice?

Setting tab shows Quick scan for early Sunday morning.

 

[W. eWatson]

Unlike other virus detection s/w, it looks like Essentials requires the
user to update definitions. My old McAfee seemed to do this regularly.
Did I miss something it the install?

What other effective virus detection software does not require
definition updates? Or did you mean to ask why your instance of MSE is
not performing *automatic* updates? In the latter case, just how long
have you waited to get an automated update? You never mentioned how
long you waited to see if MSE updated itself.

MSE does a check every 24 hours but the time is randomized to eliminate
the entire community of MSE users from slamming the update server at the
same time. The update interval is not user configurable also to
eliminate a huge load on the update server since users are known to
schedule events at common times, like on the hour or at 10- or
15-minutes of the hour rather than at, say, 12, 18, 38, or 53 minutes of
the scheduled hour.

If you want to ensure that MSE gets an update, if available, by a
certain time of day then look at my reply to Dummy (hey, he chose that
moniker for himself). You could schedule a daily [quick] scan with the
option enabled to check for updates before running the scan. You could
try using a scheduled event in Task Scheduler using the command-line
switch that I mentioned but I never tried that when I used to have MSE.

Thanks. I think I might have covered theses bases with R.C. White
moments ago.

 

[W. eWatson]

My experience differs from several of the others' in this thread, so
here goes:

1. I have Microsoft Security Essentials (MSE) set to update
automatically.

2. I have Windows Update (WU) configured to inform me of available
updates and to let me update manually.

3. From time to time (it does seem to be once a day), MSE updates itself
automatically.

4. From time to time, roughly every week, WU informs me it has updates
to download and install.

5. Frequently, the WU list includes the next update for MSE. That
happens when the list is generated before MS has updated itself.

6. On those occasions, if I check MSE in the WU list, WU updates it.

7. OTOH, If I don't check MWE in the WU list, MSE updates itself before
long.

I have seen the above behavior many times, and it remains consistent.
However, I find it annoying (I want WU to ignore MSE.)

HTH,
Gino

Interesting.

 

[SC Tom]

My experience differs from several of the others' in this thread, so
here goes:

1. I have Microsoft Security Essentials (MSE) set to update
automatically.

2. I have Windows Update (WU) configured to inform me of available
updates and to let me update manually.

3. From time to time (it does seem to be once a day), MSE updates itself
automatically.

4. From time to time, roughly every week, WU informs me it has updates
to download and install.

5. Frequently, the WU list includes the next update for MSE. That
happens when the list is generated before MS has updated itself.

6. On those occasions, if I check MSE in the WU list, WU updates it.

7. OTOH, If I don't check MWE in the WU list, MSE updates itself before
long.

I have seen the above behavior many times, and it remains consistent.
However, I find it annoying (I want WU to ignore MSE.)

The next time you get offered a MSE update through WU, uncheck it, then right-click and select "Don't show me this
update again." It probably won't stick (I still get the offer to update Outlook 2003 and I haven't had it installed in
years), but it would be interesting to see how long it goes before you get it offered again.

 

[Nil]

The next time you get offered a MSE update through WU, uncheck it,
then right-click and select "Don't show me this update again." It
probably won't stick (I still get the offer to update Outlook 2003
and I haven't had it installed in years), but it would be
interesting to see how long it goes before you get it offered
again.

I never get offered the updates I've intentionally hidden.

 

[SC Tom]

I never get offered the updates I've intentionally hidden.

In the case of the Outlook 2003 update, it's not the same one, but the "spam filter update", which I'm sure changes on a
regular basis, similar to the Malicious Software Removal Tool. That's why I said the refusal probably wouldn't stick
since the MSE definitions change regularly also.

 

[Gene E. Bloch]

The next time you get offered a MSE update through WU, uncheck it, then right-click and select "Don't show me this
update again." It probably won't stick (I still get the offer to update Outlook 2003 and I haven't had it installed in
years), but it would be interesting to see how long it goes before you get it offered again.

I've always assumed that the daily update for a different day would be a
different update, so the next one wouldn't be hidden by the above
procedure - i.e., only that particular day's update would get hidden.

Anyway, IIRC, once MSE updates on its own, the WU entry goes away. Of
course, it also disappears if I update from WU instead.

Then again, I might worry that if I hide today's update in WU, it will
be ignored in MSE as well. Microsoft has done dumber things than that

 

[Nil]

In the case of the Outlook 2003 update, it's not the same one, but
the "spam filter update", which I'm sure changes on a regular
basis, similar to the Malicious Software Removal Tool. That's why
I said the refusal probably wouldn't stick since the MSE
definitions change regularly also.

Ah, OK. I do get that one. I don't need or want it, but since it's a
different update each time, as you say, it keeps getting presented.

 

[blank]

Am I alone in being completely unable to understand this?

The MSE definition updates are treated like any other updates. If you
want them to be updated automatically, you have to set your update
options to update automatically. Open "Windows Update" and click on
"Change settings" in the left hand column of the page. Use the drop down
menus and check boxes to set the update options.

From past discussions, some including MVPs who said they had internal MS
contacts, you need to leave the AU service enabled and set to Automatic
startup but you do NOT need to leave WU setup to do automatic updates.
MSE uses the AU service to get its updates. It doesn't rely on the WU
settings. So you can configure WU to only alert you of Windows updates
(but not download or install them) to prevent Microsoft from changing
the state of your host until you decide to permit it but MSE can still
use the AU service to get its automatic updates. That is, you don't get
stuck with having your Windows automatically updated if you don't want
that but you can still have MSE get its updates as long as the AU
service is enabled and running (Automatic startup).

MSE uses the AU service to check for its own updates. MSE does not use
the schedule for the WU updates. MSE uses its own schedule (once every
24 hours but may lag if the computer was powered off) which is not user
configurable but it does it updates through the AU service. The closest
that I've seen to let the user schedule when MSE gets its updates
(through the AU service) is to add an event in Task Scheduler that runs
"MpCmdRun.exe -SignatureUpdate" (I no longer have MSE so I can't verify
this command-line switch will work). Another way was to configure the
scheduled scan to check for updates before scanning and then schedule a
[quick] scan every day. That was back a couple years (2009) when MSE
had problems initiating its update so this was a workaround to make it
to an update whenever you scheduled a scan.

It's possible some anti-virus/malware disabled the Automatic Updates
service or the user thought it was an unneccessary and disabled it which
means MSE won't be able to get its updates. The AU service should be
set to Automatic for startup on Windows startup and should currently be
running. See http://support.microsoft.com/kb/959894, method 3. In the
past, MS has used the AU service to push covert updates even if WU
settings were to notify only. As a consequence, many users that got
burned with BSOD bricks upon return to their host decided to disable the
AU service. When they wanted to do a WU update (after saving a backup
image of their OS partition), they would enable the AU service and
perform a manual WU update, install the updates, and then disable the AU
service. For such users, that also meant MSE wouldn't get its separate
updates. See article http://preview.tinyurl.com/27k5l9o to see how MS
decided you will have WU set to automatic which you have to set back.
Other users found updates getting applied when WU was set to disable and
managed to avoid the covert updates by disabling the AU service.

 

[Big Steel]

Am I alone in being completely unable to understand this?

All you need to know if your are using MSE is that the update for the
virus detentions will be in the form of a Windows Update along with any
other Windows Updates.

 

[SC Tom]

All you need to know if your are using MSE is that the update for the virus detentions will be in the form of a
Windows Update along with any other Windows Updates.

Unless it scans before WU, or updates itself before WU runs. The only time it will show up in WU is if the latest
definition (I think that's what you meant instead of 'detentions' ) hasn't already been updated.