Enabling ‘Do not connect to any Windows Update Internet Locations GPO’ disabled Defender auto updates


Currently we have the below Policies enabled as per RSOP GPO entries:-

  1. “Admin Templates\Windows Components\Windows Defender Antivirus\Signature Updates\Allow definition updates from Microsoft Update = enabled”
  2. “Admin Templates\Windows Components\Windows Update\Do not connect to any Windows Update Internet Locations = enabled”
  3. WUfB Rings have been removed
  4. WSUS intranet content location has been enabled via GPO

Our requirement is to deploy Windows 10 monthly and feature updates only from SCCM/WSUS and not from the Internet. But at the same time, we need to enable automatic updates for Windows Defender from the Internet. We have a co-managed environment. Need your suggestions, please.

Answer ( 1 )


    I don’t have an answer about the Group Policy.

    But I’m not sure whether you have already slid the “Endpoint protection” workload to Intune? That might help.


    Best answer
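To confirm on an affected client which of the settings listed in the question are actually applied, a read-only check like the following can be run in an elevated PowerShell session. It is an added example, not part of the original thread; the registry value names are assumptions taken from the standard Windows Update and Defender ADMX templates, not from the page.

```powershell
# Added example: read-only audit of the policy values behind the GPOs in the question.
# Registry value names are assumptions from the standard ADMX templates, not from the thread.
$wu  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$def = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates'

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$state = [ordered]@{
    DoNotConnectToWUInternet  = Get-PolicyValue $wu 'DoNotConnectToWindowsUpdateInternetLocations'
    WsusServer                = Get-PolicyValue $wu 'WUServer'
    UseWsus                   = Get-PolicyValue "$wu\AU" 'UseWUServer'
    DefenderForceUpdateFromMU = Get-PolicyValue $def 'ForceUpdateFromMU'
    DefenderFallbackOrder     = Get-PolicyValue $def 'FallbackOrder'
}
$state.GetEnumerator() | Format-Table Name, Value -AutoSize

# Flag the combination the question reports: Windows Update internet locations
# blocked while Defender is pointed at Microsoft Update for its definitions.
if ($state.DoNotConnectToWUInternet -eq 1 -and $state.DefenderForceUpdateFromMU -eq 1) {
    Write-Warning ('Windows Update internet locations are blocked while Defender is set to ' +
                   'update from Microsoft Update; this is the combination reported in the question.')
}

# Effective Defender source order and signature freshness, when the Defender module is present.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    $status = Get-MpComputerStatus
    [pscustomobject]@{
        EffectiveFallbackOrder = (Get-MpPreference).SignatureFallbackOrder
        SignatureVersion       = $status.AntivirusSignatureVersion
        SignatureLastUpdated   = $status.AntivirusSignatureLastUpdated
        SignatureAgeDays       = $status.AntivirusSignatureAge
    } | Format-List
}
```

Running it before and after a policy change, followed by `gpupdate /force`, shows whether the signature age stops growing once the setting is reverted.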
