Hi Folks –
Ive heard some confusion on the handling of the update approval for MS07-010 / KB932135 released last Tuesday, Feb 12th. For the few of you who subscribe to Windows Defender Definition Updates but DON’T have your auto approvals set up for these, just a reminder you’ll want to make sure you manually approve this update. This definition update also contains a security fix for the Defender engine that you'll want to get installed. I know most of you just let Auto Approvals handle your Definition Updates – but if there are any of you out there who don’t, this one you’ll want to approve. As a best practice, setting up Automatic Approvals for the classification of Definition Updates is highly recommended. This is because new Defender Definition Updates come out frequently, replacing the old ones, which expire fairly rapidly.
Below just a pointer for anyone who has not setup auto approval rules -so you can do this easily.
To make sure your Auto Approvals are set for Definition Updates, verify in your synchronization options, under products Windows Defender is selected and under Update Classifications, the update classification Definition Updates is also selected (this will ensure they are synching from Microsoft to your WSUS server). To set the associated automatic approval rules, go to options from the WSUS home page, and click Automatic Approval Options. Be sure the “Automatically approve updates for installation by using the following rule” check box is checked – then under Approve for Installation – click Add/Remove Classification and verify or add Definition Updates. Once these AA rules are set do a manual synchronization. Because Auto Approval rules do not apply retroactively, you’ll want to be sure that you still manually approve any Windows Defender updates which have been synchronized previous to setting up these rules.
thanks - Bobbie