Microsoft has released a new update package Defender anti-malware for Windows OS installation images, i.e. Windows Imaging Format (WIM) and VHD (Virtual Hard Disk) formats.
The new definitions support Windows 11, all versions of Windows 10, and Windows Servers 2016 and 2019.
This update package is necessary because a Windows installation image may contain old, outdated anti-malware definitions and software binaries. In addition to better security, these updates can also provide better performance in some cases.
Microsoft provides the security definitions for Windows images via update 1.385.1537.0. The Defender package version is 20230330.2. In the support logs describing the new update, the Microsoft says:
“The first few hours of a fresh Windows installation can leave the system vulnerable due to a Microsoft Defender protection gap. This is because operating system installation images may contain outdated anti-malware software binaries.
Devices that use either the built-in program Windows antivirus or other security solution can benefit from these updates. This article describes the antimalware update package for Microsoft Defender in operating system installation images (WIM and VHD files).
This feature supports the following operating system installation images:
- Windows 11
- Windows 10 (Enterprise, Pro and Home editions)
- Windows Server 2019
- Windows Server 2016
Version information
Defender Package Version: 20230330.2
This package updates the anti-malware client, anti-malware engine, and signature versions in the operating system installation images to the following versions:
Platform version: 4.18.2302.7
Engine version: 1.1.20100.6
Safety information release: 1.385.1537.0"
From Microsoft's security bulletin, we learned that the 1.385.1537.0 update was released late last month. Adds threat detections for various Trojans, hacktools, ransomware, among others. For those wondering, the latest update is version 1.387.1114.0.
