Microsoft has released on Friday a new tool that will allow system administrators to update the Defender security package inside Windows installation images (WIM or VHD supported).
The new tool was created for enterprise environments where workstations and servers are serviced or mass-installed using installation images.
Some of these images are reused for months at a time, and the Microsoft Defender (default antivirus) package found inside would usually end up being installed using an out-of-date detection database.
The newly installed Windows operating systems would eventually update the Defender package, but Microsoft says that this creates a “protection gap” during which systems could be easily attacked and infected.
Microsoft’s new tool is intended to allow system administrators to update their WIM or VHD installation images to contain the most recent Defender component before deploying it on their device fleet.