Windows Defender: Bypassing Group Policy software update settings

[ Microsoft this week released the replacement for Microsoft AntiSpyware
(beta 1), called Windows Defender (beta 2):
http://www.microsoft.com/antispyware ]

Two new features in Defender, when combined, are giving trouble. They are:

1) Configuration settings now controlled via Group Policy, and
2) Malicious and unwanted software signatures are downloaded via Windows
Update.

Our office network currently uses Software Update Services (SUS) because the
server set aside for this task isn't powerful enough to run Windows Server
Update Services (WSUS). A Group Policy Object (GPO) configures all
workstations to get all Windows updates from the local SUS server. We're
running AD2003, with the clients a mix of Windows 2000 (SP4) and XP (RTM,
SP1, SP2).

This is where the problem is. I'm testing Defender on a couple of
workstations and it turns out that it is unable to retrieve updates for
itself. Having run 'netstat' from the Command Prompt, I can see that Defender
is trying to connect to our SUS server (which doesn't have any Defender
definitions).

Can someone tell me how to either use Group Policy to instruct Defender to
get its updates directly from the Internet, or update SUS so that Defender
definitions are included? (Keep in mind that updating to WSUS is not an
option right now.)

Thanks,
desil.

Microsoft has established separate newsgroups Windows Defender Beta2 support
and comments. See
http://www.microsoft.com/athome/secu...s/default.mspx.

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org

desil wrote:
> [ Microsoft this week released the replacement for Microsoft AntiSpyware
> (beta 1), called Windows Defender (beta 2):
> http://www.microsoft.com/antispyware ]
>
> Two new features in Defender, when combined, are giving trouble. They are:
>
> 1) Configuration settings now controlled via Group Policy, and
> 2) Malicious and unwanted software signatures are downloaded via Windows
> Update.
>
> Our office network currently uses Software Update Services (SUS) because
> the server set aside for this task isn't powerful enough to run Windows
> Server Update Services (WSUS). A Group Policy Object (GPO) configures all
> workstations to get all Windows updates from the local SUS server. We're
> running AD2003, with the clients a mix of Windows 2000 (SP4) and XP (RTM,
> SP1, SP2).
>
> This is where the problem is. I'm testing Defender on a couple of
> workstations and it turns out that it is unable to retrieve updates for
> itself. Having run 'netstat' from the Command Prompt, I can see that
> Defender is trying to connect to our SUS server (which doesn't have any
> Defender definitions).
>
> Can someone tell me how to either use Group Policy to instruct Defender to
> get its updates directly from the Internet, or update SUS so that Defender
> definitions are included? (Keep in mind that updating to WSUS is not an
> option right now.)
>
> Thanks,
> desil.

Hmmm... I didn't see that. But they're top-secret private newsgroups! I'll
repost my message there. Will post back here if I get anything useful.

"PA Bear" wrote:

> Microsoft has established separate newsgroups Windows Defender Beta2 support
> and comments. See
> http://www.microsoft.com/athome/secu...s/default.mspx.
>
> --
> ~Robear Dyer (PA Bear)
> MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org
>
> desil wrote:
> > [ Microsoft this week released the replacement for Microsoft AntiSpyware
> > (beta 1), called Windows Defender (beta 2):
> > http://www.microsoft.com/antispyware ]
> >
> > Two new features in Defender, when combined, are giving trouble. They are:
> >
> > 1) Configuration settings now controlled via Group Policy, and
> > 2) Malicious and unwanted software signatures are downloaded via Windows
> > Update.
> >
> > Our office network currently uses Software Update Services (SUS) because
> > the server set aside for this task isn't powerful enough to run Windows
> > Server Update Services (WSUS). A Group Policy Object (GPO) configures all
> > workstations to get all Windows updates from the local SUS server. We're
> > running AD2003, with the clients a mix of Windows 2000 (SP4) and XP (RTM,
> > SP1, SP2).
> >
> > This is where the problem is. I'm testing Defender on a couple of
> > workstations and it turns out that it is unable to retrieve updates for
> > itself. Having run 'netstat' from the Command Prompt, I can see that
> > Defender is trying to connect to our SUS server (which doesn't have any
> > Defender definitions).
> >
> > Can someone tell me how to either use Group Policy to instruct Defender to
> > get its updates directly from the Internet, or update SUS so that Defender
> > definitions are included? (Keep in mind that updating to WSUS is not an
> > option right now.)
> >
> > Thanks,
> > desil.
>
>

It's the "public" private beta newsgroup, not the "private" private beta
newsgroup. <w>
--
~PA Bear

desil wrote:
> Hmmm... I didn't see that. But they're top-secret private newsgroups! I'll
> repost my message there. Will post back here if I get anything useful.
>
> "PA Bear" wrote:
>
> > Microsoft has established separate newsgroups Windows Defender Beta2
> > support and comments. See
> > http://www.microsoft.com/athome/secu...s/default.mspx.
> >
> > --
> > ~Robear Dyer (PA Bear)
> > MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org
> >
> > desil wrote:
> > > [ Microsoft this week released the replacement for Microsoft
> > > AntiSpyware (beta 1), called Windows Defender (beta 2):
> > > http://www.microsoft.com/antispyware ]
> > >
> > > Two new features in Defender, when combined, are giving trouble. They
> > > are:
> > >
> > > 1) Configuration settings now controlled via Group Policy, and
> > > 2) Malicious and unwanted software signatures are downloaded via
> > > Windows Update.
> > >
> > > Our office network currently uses Software Update Services (SUS)
> > > because the server set aside for this task isn't powerful enough to
> > > run Windows Server Update Services (WSUS). A Group Policy Object
> > > (GPO) configures all workstations to get all Windows updates from the
> > > local SUS server. We're running AD2003, with the clients a mix of
> > > Windows 2000 (SP4) and XP (RTM, SP1, SP2).
> > >
> > > This is where the problem is. I'm testing Defender on a couple of
> > > workstations and it turns out that it is unable to retrieve updates
> > > for itself. Having run 'netstat' from the Command Prompt, I can see
> > > that Defender is trying to connect to our SUS server (which doesn't
> > > have any Defender definitions).
> > >
> > > Can someone tell me how to either use Group Policy to instruct
> > > Defender to get its updates directly from the Internet, or update SUS
> > > so that Defender definitions are included? (Keep in mind that
> > > updating to WSUS is not an option right now.)
> > >
> > > Thanks,
> > > desil.

I don't believe we have any useful answer except to update to WSUS, which
desil has already said is not possible. I hope desil is in touch with the
end of life statements at the SUS pages.

--

"PA Bear" <> wrote in message
news:%23Ad53j$...
> It's the "public" private beta newsgroup, not the "private" private beta
> newsgroup. <w>
> --
> ~PA Bear
>
> desil wrote:
>> Hmmm... I didn't see that. But they're top-secret private newsgroups!
>> I'll
>> repost my message there. Will post back here if I get anything useful.
>>
>> "PA Bear" wrote:
>>
>> > Microsoft has established separate newsgroups Windows Defender Beta2
>> > support and comments. See
>> > http://www.microsoft.com/athome/secu...s/default.mspx.
>> >
>> > --
>> > ~Robear Dyer (PA Bear)
>> > MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org
>> >
>> > desil wrote:
>> > > [ Microsoft this week released the replacement for Microsoft
>> > > AntiSpyware (beta 1), called Windows Defender (beta 2):
>> > > http://www.microsoft.com/antispyware ]
>> > >
>> > > Two new features in Defender, when combined, are giving trouble. They
>> > > are:
>> > >
>> > > 1) Configuration settings now controlled via Group Policy, and
>> > > 2) Malicious and unwanted software signatures are downloaded via
>> > > Windows Update.
>> > >
>> > > Our office network currently uses Software Update Services (SUS)
>> > > because the server set aside for this task isn't powerful enough to
>> > > run Windows Server Update Services (WSUS). A Group Policy Object
>> > > (GPO) configures all workstations to get all Windows updates from the
>> > > local SUS server. We're running AD2003, with the clients a mix of
>> > > Windows 2000 (SP4) and XP (RTM, SP1, SP2).
>> > >
>> > > This is where the problem is. I'm testing Defender on a couple of
>> > > workstations and it turns out that it is unable to retrieve updates
>> > > for itself. Having run 'netstat' from the Command Prompt, I can see
>> > > that Defender is trying to connect to our SUS server (which doesn't
>> > > have any Defender definitions).
>> > >
>> > > Can someone tell me how to either use Group Policy to instruct
>> > > Defender to get its updates directly from the Internet, or update SUS
>> > > so that Defender definitions are included? (Keep in mind that
>> > > updating to WSUS is not an option right now.)
>> > >
>> > > Thanks,
>> > > desil.
>