Server2016 Defender Install: "Please update Windows Defender Antivirus (KB4052623) to the latest version"

M

Manxome

Member
Apr 4, 2025
8
Hi all,

I'm hoping someone here can help - I'm getting stuck trying to install the Defender for Endpoint installation package (md4ws.msi) on my Server 2016 box; it's throwing the "Please update Windows Defender Antivirus (KB4052623) to the latest version" error. I've seen this before on other 2016 servers and managed to get around it by installing the referenced KB, and/or renaming SoftwareDistribution or Catroot2 folders, but this one is resisting my efforts so far.

Would greatly appreciate any help with this, many thanks.
 

Attachments

Hi @Manxome,

Welcome to Sysnative Forums!

If you haven't already, please review the posting instructions here, and attach the requested log files. Without log files, our helpers will not be able to assist, and this will slow down fixing your machine.

If logs have been already been provided, our team of volunteers will analyse the provided log files to build a fix for your system. Please be aware that this may take several days from your initial post, due to the high volume of threads that we receive.


- Sysnative Windows Update Team
 
Hello and welcome,

Run the command Dism /Online /Cleanup-Image /RestoreHealth in an elevated commandprompt and report the result.
If it fails, copy the file C:\Windows\Logs\CBS\cbs.log to your desktop.
Zip the copied file and attach the zipped cbs.log to your next reply.
 
Hi, thanks for coming back to me on this. I have done as described above and attached new CBS log in CBS_2.zip.

Not sure if that was purely diagnostic or whether an attempted fix, however the issue remains the same.2025-04-06_15-39-50.webp
 

Attachments

Right-click on the Start button and click Run.
Typ POWERSHELL in the input field, then click OK.
A blue window appears.
Typ in the blue window Get-WindowsUpdateLog and press the enter key.
Some text will appear in the blue window. Wait for the message "WindowsUpdate.log written to C:\Users\<username>\Desktop\WindowsUpdate.log".
Close the blue window.

Attach the file C:\Users\<username>\Desktop\WindowsUpdate.log to your next reply.
Note: if the file is too big to upload to your next reply please upload via a service such as Gofile or WeTransfer and just provide the download link.
 
Open Control Panel > Windows Defender
Windows Defender pops up. Click Help at the right-top and then About.
Provide a screenshot of the window that pops up.
 
Run the PowerShell command Install-WindowsFeature -Name Windows-Defender-GUI and report the result.
 
Ok. Run the following 2 PowerShell commands, one at a time, and report the result.
Get-Service -Name windefend
Get-Service -Name mpssvc
 
Export registry
  1. Click on the Start button and in the search box, type regedit.
  2. When you see regedit on the list, right-click on it and select Run as administrator
  3. When regedit opens, using the left pane, navigate to the following registry key and select it by clicking on it once.
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection

  4. Once selected, click File > Export....
  5. Name this file WATP and save it to your desktop.
  6. Attach the file to your next reply.
 
The following fix will remove the exported key.

Step 1:
Warning: This script was written specifically for this user, for use on that particular machine. Do not run this script on another machine.

Download the attachment and extract it.
Open the extracted folder, double-click the file regfix.reg.
When prompted allow to change the registry settings.
Report the result.

Step 2:
Restart the machine.
Open Control Panel, try to start Windows Defender and report the result.
 

Attachments

You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top