Azure 更新管理显示 Microsoft Defender 防病毒软件的安全智能更新的取代版本 - KB2267602
[英]Azure Update Management showing superseded versions of Security Intelligence Update for Microsoft Defender Antivirus - KB2267602
问题描述
I've been having this issue with multiple Azure Virtual Machines for a while now.
一段时间以来,我一直在使用多个 Azure 虚拟机遇到这个问题。
I'm using and Azure Automation Account / Log Analytics Workspace to manage updates on 5 different Azure Virtual Machines.我正在使用 Azure 自动化帐户/日志分析工作区来管理 5 个不同的 Azure 虚拟机上的更新。 It's routinely showing all machines as missing updates, specifically multiple superseded copies of 'Security Intelligence Update for Microsoft Defender Antivirus - KB2267602'它经常将所有机器显示为缺少更新,特别是“Microsoft Defender 防病毒安全智能更新 - KB2267602”的多个被取代副本
See screenshot below where it's showing versions 1.321.1221.0 through 1.321.1256.0 as missing:请参阅下面的屏幕截图,其中显示版本 1.321.1221.0 到 1.321.1256.0 缺失:
Screenshot of Update Management blade in my Automation Account我的自动化帐户中更新管理刀片的屏幕截图
However all five Virtual Machines have 1.321.1260.0 installed as shown here:但是,所有五个虚拟机都安装了 1.321.1260.0,如下所示:
Screenshot of 'View Update History' from affected Virtual Machine来自受影响虚拟机的“查看更新历史记录”的屏幕截图
I know that the Update agent has refreshed since 1.321.1260.0 was installed as 1260.0 was previously showing as missing, however as per the screenshot above it is now not.我知道自从 1.321.1260.0 安装以来更新代理已经刷新,因为 1260.0 以前显示为丢失,但是根据上面的屏幕截图,现在不是。
I have tried to clear the current cache and trigger an update from CMD using the following script as detailed here :我尝试使用以下脚本清除当前缓存并从 CMD 触发更新,详见此处:
cd %ProgramFiles%\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate
This runs and completes successfully, but doesn't resolve my issue.这运行并成功完成,但不能解决我的问题。
Can anyone suggest why these superseded updates are showing, and/or how to clear them out?谁能建议为什么显示这些被取代的更新,和/或如何清除它们? They are adversely affecting my otherwise squeaky clean Azure Security Center posture.它们对我原本干净利落的 Azure 安全中心姿势产生了不利影响。
Thanks in advance!提前致谢!
1 个解决方案
解决方案1
0 2020-08-13 08:30:28
You could try the resolution.你可以试试这个分辨率。
When a superseded update becomes 100 percent not applicable, you should change the approval state of that update to Declined.
In the Automation account, select Update Management to view machine status.
Check the superseded update to make sure that it's 100 percent not applicable.
Mark the update as declined unless you have a question about the update.
Select Computers and, in the Compliance column, force a rescan for compliance.
Repeat the steps above for other superseded updates.
Run the cleanup wizard to delete files from the declined updates.
For Windows Server Update Services (WSUS), manually clean all superseded updates to refresh the infrastructure.
Repeat this procedure regularly to correct the display issue and minimize the amount of disk space used for update management.
Refer to https://docs.microsoft.com/en-us/azure/automation/troubleshoot/update-management#scenario-superseded-update-indicated-as-missing-in-update-management请参阅https://docs.microsoft.com/en-us/azure/automation/troubleshoot/update-management#scenario-superseded-update-indicated-as-missing-in-update-management
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.