Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Start-option ("run in background")-'Automatic Search for Updates' don't work - Workaround: Search for updates on systemstart/logon #113

Open
SILENT-da opened this issue Jan 21, 2021 · 2 comments
Open

Start-option ("run in background")-'Automatic Search for Updates' don't work - Workaround: Search for updates on systemstart/logon #113

SILENT-da opened this issue Jan 21, 2021 · 2 comments

Comments

@SILENT-da
Copy link

SILENT-da commented Jan 21, 2021
edited
Loading

Hello,
the option to let 'Update Manager' automatically search for updates (no, daily, weekly, monthly) don't work,
speaking of Update Managers feature itself, NOT Windows "Auto-Updates".
(using Windows 10 Pro 20H2).

It's possible to let it search for updates on start/logon:
Important: "Start"-options in 'Update Manager' ("run in background" and "run as administrator") have to be disabled.
(see picture, german version)
Einstellungen

EDIT: Re-created workaround, see following post below.
@SILENT-da
Copy link
Author

SILENT-da commented Feb 16, 2021
edited
Loading

EDIT:
Re-created workaround.

All update-procedures in one go on task/trigger (start/logon)

  • Automatic search/installation of Defender-updates (security intelligence)
  • Starting Update Manager in systray, refreshing list/searching for updates
  • Pushing app-updates, searching and installation

Steps

  • make Settings (see picture, previous post)

  • create PowerShell-script (AppUpdatesTrigger.ps1) in program-folder (same path as wumgr.exe, i.e. C:\Program Files\Update Manager for Windows)

Get-CimInstance -Namespace "Root\cimv2\mdm\dmmap" -ClassName "MDM_EnterpriseModernAppManagement_AppManagement01" | Invoke-CimMethod -MethodName UpdateScanMethod

  • create Batch-file (DefUpd+WUMgr+AppUpd.bat) in program-folder

@ECHO OFF

::Batch minimizing itself
::-----------------------
IF NOT DEFINED MinimizedUpdateWindow SET MinimizedUpdateWindow=1 & START "Defender- & App-Updates" /MIN "%~DPNX0" %* & GOTO EOF

::Check, if Update Manager is already running
::-------------------------------------------
TASKLIST /FI "IMAGENAME EQ wumgr.exe" | FIND ":" >NUL
IF ERRORLEVEL 1 GOTO EOF

::Check, if internetconnection/microsoft.com is available, display message, if not.
::(msg.exe not included in Win10 Home Edition!)
::---------------------------------------------
PING -n 1 www.microsoft.com | FIND "TTL=" >NUL
IF ERRORLEVEL 1 (
IF EXIST "%windir%\System32\msg.exe" (
(
ECHO 'Update Manager for Windows' not started!
ECHO.
ECHO www.microsoft.com not reachable,
ECHO check internet-connection.
) | @MSG * /SELF
)
GOTO EOF
)

::Searching and installing Defender- (Security Intelligence-) update
::------------------------------------------------------------------
START "" /WAIT /B "%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate

::Starting Update Manager, searching for updates
::----------------------------------------------
START "" /B "%ProgramFiles%\Update Manager for Windows\wumgr.exe" -tray -update

::Starting search and installation of app-updates
::-----------------------------------------------
START "" /B "%windir%\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Bypass -File "%~dp0AppUpdatesTrigger.ps1"

:EOF
EXIT

Note: Maybe you have to edit some paths and/or names.

  • create task in task scheduler

name: DefenderUpdate+WUMgr+AppUpdates
highest privileges/elevated
trigger: on logon
action: C:\Program Files\Update Manager for Windows\DefUpd+WUMgr+AppUpd.bat
no conditions, exept one: "only start, if all network-connections available"
settings:
"run as soon as possible after missed start"
"no closing, after running certain amount of time",

  • create link to this task in startmenu,
    %windir%\System32\schtasks.exe /run /tn "DefenderUpdate+WUMgr+AppUpdates"
    (run minimized, choose symbol of wumgr.exe, if you like to)

You can use this link manually afterwards for the case, that your internet-connection wasn't ready on startup.

Now on logon the batch is getting started by the task (minimizing itself), starting windows defender update and waiting to get finished with it, then starting Update Manager in systray searching for updates, and pushing app-updates at the same time.

In this way you don't get bothered by security intelligence (Defender-) updates anymore, gain control over windows-updates (thanks to Update Manager) and all installed apps are always up to date on every startup.

Enjoy. :-)

@SILENT-da SILENT-da mentioned this issue Feb 16, 2021
Open
@Mrnofish
Copy link

FTR there is a copy of MpCmdRun in \Program Files\Windows Defender on my system, but it's outdated. Most of the stuff in there is from 2019, so I'm guessing it could be a leftover and might not even be present on a fresh install. It'd be interesting to ask Microsoft why that stuff is still there in the first place.

The correct location is \ProgramData\Microsoft\Windows Defender\Platform<Latest Version>

FWIW I have three different versions installed.

I will also mention that there are group policy settings to schedule updates of the Security Intelligence, however I haven't tested them yet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Mrnofish @SILENT-da