Policy
Define the order of sources for downloading security intelligence updates
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2012, WindowsServer2012R2, WindowsServer2016
This policy setting allows you to define the order in which different security intelligence update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources in order. Possible values are: “InternalDefinitionUpdateServer”, “MicrosoftUpdateServer”, “MMPC”, and “FileShares” For example: { InternalDefinitionUpdateServer | MicrosoftUpdateServer | MMPC } If you enable this setting, security intelligence update sources will be contacted in the order specified. Once security intelligence updates have been successfully downloaded from one specified source, the remaining sources in the list will not be contacted. If you disable or do not configure this setting, security intelligence update sources will be contacted in a default order.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Define the order of sources for downloading security intelligence updates ID SignatureUpdate_FallbackOrder | text | HKLM\Software\Policies\Microsoft\Windows Defender\Signature Updates\FallbackOrder Type REG_SZ | None |
Other policies in this category
Explore related policies at the same level.
- ComputerAllow notifications to disable security intelligence based reports to Microsoft MAPSAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerAllow real-time security intelligence updates based on reports to Microsoft MAPSAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerAllow security intelligence updates from Microsoft UpdateAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerAllow security intelligence updates when running on battery powerAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerAllows Microsoft Defender Antivirus to update and communicate over a metered connection.At least Windows Server 2012, Windows 8 or Windows RT
- ComputerCheck for the latest virus and spyware security intelligence on startupAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerConfigure security intelligence updates according to the scheduler for VDI clients.At least Windows Server 2016, Windows 10 Version 1903
- ComputerDefine file shares for downloading security intelligence updatesAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerDefine security intelligence location for VDI clients.At least Windows Server 2016, Windows 10 Version 1903
- ComputerDefine the number of days after which a catch-up security intelligence update is requiredAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerDefine the number of days before spyware security intelligence is considered out of dateAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerDefine the number of days before virus security intelligence is considered out of dateAt least Windows Server 2012, Windows 8 or Windows RT