Technical Level: Basic Applies to: Microsoft Security Essentials A description of the automatic updating process for Microsoft Security Essentials virus and spyware definitions.
Microsoft Security Essentials (MSE) requires that the Automatic Update service be running and started, but it does not matter what you have selected in Control Panel/Automatic Updates for the way you want to handle critical and important updates for Windows. It is recommended, however, that you at least allow Automatic Updates to notify you about critical and important updates so that you can choose to download and install them as soon as possible and help keep your operating system secure with the latest patches from Microsoft.
(Windows Defender on Windows 8 requires Automatic Updates to be configured to download and install updates automatically or the Windows Defender signature updates will not install automatically.)
MSE Updates are downloaded automatically using the AU "pipe" which includes BITS, the
Background Intelligent Transfer Service. It must be running and up to date, or MSE updates may have
The Microsoft Antimalware group deploys updates for MSE (also Forefront and Windows Defender) typically a few times daily. It is not critical for you to check for updates throughout the day because when MSE checks for updates, the offered updates will be downloaded and added to the database. Update installations are cumulative.
MSE will report that it is up to date and in good status even if the definitions are a few days old on the PC. Note that MSE uses the local signatures for common protection, but it also employs behavioral detection. If suspicious activity is detected, MSE will communicate with the servers to determine if a match has been reported and will immediately download any information needed to deal with the threat if a match is found.
Updates are a once per 24 hour check on a schedule determined by MSE. There is no setting within MSE to change the scheduled time or frequency.
Optionally, you can add a check for updates by setting check for updates before scan and setting up a scheduled scan daily (for a time when the PC will be on as it won't run a missed scan later). Note that if Updates were installed within the prior 24 hours, an additional update check before the scheduled scan may not occur.
MSE will also check 10 minutes or so after boot or wake from sleep if there is a network connection *and* the current updates are greater than 24 hours old. It will *not* perform this catch up check if the current definitions were installed within the past 24 hours, but will wait until the next scheduled check time.
Updates are*also* offered through Microsoft Updates / Automatic Updates and installation via this route depends on your AU selection. These are marked as Optional Updates. If you have it set for install automatically, you may see signature updates multiple times per day.
MSE will not update through an authenticated Proxy Server. However,
this article may provide a workaround.
MSE can update using WSUS. This was changed to allow colleges and universities to make signature updates available on WSUS for students' personal computers running MSE.
You can manually check for updates at any time, though this should not generally be needed. Open MSE, click on the Updates tab and click the button to check for updates.
You can manually download a full engine and definition package from theMicrosoft Malware Protection Center and apply it to a PC running MSE without a clear network connection, if desired. The full package is quite large, about 50 to 75 megabytes. Typically, the automatic (or manual from within MSE) updates are a few megabytes in size.