We have a few servers that for some reason refuse to update their antimalware definitions automatically, the procedure is then to download the definition update manually and apply it, not rocket science but annoying as hell.

We use Microsoft Forefront Client Security and Microsoft is kind enough to offer a link where you can download a complete definition update file as an exe file, this will then update your antivirus – all you do is download and execute.

So I came up with the idea that if I could download this file via a script then I could apply it via a schedule during the night on the affected servers.  But how do you download a file via a schedule/script?  At first I leaned towards a VBS script, I even found a few but either they did no longer work (due to added security over the years to IE) or was painfully slow (the latter is not good when downloading a file of 45mb).  Further Googeling let me to WGET a simple commandline utility that can be scripted, and sure enough it worked like a charm 🙂

Should anyone have a similar problem then the batch/script file I made looks like this;
(Just modify the parts in red)

Echo *************************************************************************
Echo  This script will download the latest forefront antimalware def
Echo  once a day for servers with update problems
Echo *************************************************************************
Echo  The file downloaded is;
Echo  http://go.microsoft.com/fwlink/?LinkID=87342&clcid=0×409
del D:\Appl\msdefinitions\Definitions\mpam-fe.exe
D:\Appl\msdefinitions\wget.exe -t9 -O D:\Appl\msdefinitions\Definitions\mpam-fe.exe http://go.microsoft.com/fwlink/?LinkID=87342&clcid=0×409

More on downloading MS-Forefront definition files look here;

2 replies
    • Mike
      Mike says:

      I would expect so, have not tried under Windows 2008R2 but other than a potential firewall issue then I would expect it to work.

Comments are closed.