SCCM Endpoint Protection on Windows 10 Creators Update 1703

System Center Endpoint Protection and Windows Defender both have a history of changes since they came out years ago. When Windows 10 came out more changes were made to Endpoint Protection and Windows Defender as we covered in a previous post. The latest Windows 10 Creators Update (1703), also bring its share of changes for Windows Defender, which then impact Endpoint Protection on the end-user side.

If you are new to System Center Endpoint Protection, see our complete guide which covers it all.

In this post, we will look at what changed for Endpoint Protection and Windows Defender in the Windows 10 Creators Update (1703).

What’s new for Endpoint Protection on Windows 10 Creators Update?

First thing first. The name! Microsoft as once again renamed Windows Defender. The new name is Windows Defender Antivirus. This is due to the rising of Advanced Threat Protection (ATP) and the idea that Windows Defender is becoming more a security suite for Windows 10.

This can be seen under Settings / Update & Security / Windows Defender. Basic information are available on this screen.

To seen each “component” of Windows Defender, Microsoft has created a Windows Defender Security Center section :

Windows Defender standalone window

The standalone window is now gone. Everything can be found in the Windows Defender Security Center

This is how it looks before Creators Update:

With Windows 10 Creators Update :

How to run a manual scan?

As stated earlier, Microsoft like to move stuff around regarding Endpoint Protection and Windows Defender. The manual scan has moved :

• To run a scan, go to in the Windows Defender  Security Center / Virus & threat protection

• Quick Scan and Advanced Scan are available
• Under Advanced Scan, a new option is available : Windows Defender Offline Scan

More details about Windows Defender Offline Scan on the Technet Article

How to validate Anti-malware policies

To validate which Anti-malware policies are applied from Endpoint Protection:

• Go to Windows Defender Security Center / Settings
• Click the gear icon on the bottom

• Then click on About

• Anti-malware policies are displayed in a similar format as before

SCCM Definition Updates

Definition updates haven’t changed for the new release of Windows 10. It is still required to deploy Windows Defender Definition Update KB2267602. Also, note that the update is still in the Windows Defender product category.

What are the new features for Windows Defender on Windows 10 Creators update?

As we said at the beginning of this blog, Windows Defender is becoming a suite of Security features.

The Windows Defender Security Center include the following features on top of Windows Defender Anti-virus:

Firewall & network protection

This is a high-level view of the Firewall status. Windows Firewall with Advanced Security is still available and necessary.

Device Performance & Health

This new section provides an overview of the Windows Update, Storage Capacity, Device Drivers and Battery life.

Not much has emerged for this section so far. Status and report are automatically generated.

Warning and error will impact the display icon of Windows Defender Security Center from the system tray.

App & Browser Control

This section is the previously known SmartScreen, which is now rebranded to Windows Defender SmartScreen

It comes with 3 settings section: Check Apps & files, SmartScreen for Microsoft Edge and SmartScreen for Windows Store apps.

A fourth setting is available in Internet Explorer 11. This seems to be a standalone On/Off switch, as it doesn’t affect any settings under the App & Browser Control

Family Option

This is pretty much the Parental Control but online with LiveID

Clicking on View family settings lead to this Microsoft page, which is an online service for family options.

For more details on Windows Defender in Windows 10 Creators Updates, see the Technet article