Microsoft: Don't install Windows 10 1809 October 15 update, it breaks Defender ATP

Microsoft urges organizations to avoid installing KB4520062 because it could stall Defender antivirus services.

Managing Windows 10 updates will always be a struggle for Microsoft Microsoft is overhauling how it delivers Windows 10 updates. But the almost infinite variation of PCs will make that an uphill struggle.

Microsoft's second monthly cumulative update on October 15 for Windows 10 version 1809 contained only non-security fixes, but it may cause a security problem for organizations that rely on Windows Defender Advanced Threat Protection (ATP). 

Microsoft yesterday began advising organizations running Windows 10 version 1809 PCs and Windows Server 2019 against installing the update KB4520062

Microsoft released it on October 15 for 1809 along with other versions of Windows 10 as the second update following the October Patch Tuesday update. It is a non-security and optional update.

SEE: 20 pro tips to make Windows 10 work the way you want (free PDF)    

The reason it's advising customers not to install the update is that Microsoft Defender ATP security tools "might stop running and might fail to send reporting data". 

That's not good news for enterprises that rely on Defender ATP for antivirus, monitoring endpoint devices, and threat intelligence. The security tools are built in to Windows 10 Enterprise.   

The glitch only affects Windows 10 version 1809 PCs and Windows Server 2019. Fortunately the second cumulative update each month is not mandatory to install, but those that have done so already might run into the problem Microsoft describes in its issues page for Windows 10 version 1809.     

"The Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data. You might also receive a 0xc0000409 error in Event Viewer on MsSense.exe," Microsoft explains

Microsoft is investigating the issue and estimates a resolution will be available in mid-November. It's not clear whether it will be ready after the November Patch Tuesday update, which happens on November 12.

SEE: Windows 10 1909: What do developers need to know? Not much, says Microsoft  

"At this time, we suggest that devices in an affected environment do not install KB4520062. We are working on a resolution and estimate a solution will be available in mid-November," Microsoft said. 

Another fix Windows 10 users are waiting for is the mysterious 'critical error' plaguing the Start menu that surfaced after users installed the October Patch Tuesday update. Microsoft says a fix should be out by late October.   

More on Microsoft's Windows 10 updates

  • Windows 10 Start menu problems: We'll fix them in late October, says Microsoft  
  • Windows 10: Now you can take calls to an Android phone from your PC
  • Farewell Windows 10 1703: With its final patch, Creators Update hits end of life
  • Windows patch causes more pain: Start Menu, boot and printer problems surface
  • Windows out-of-band update: Microsoft's mandatory security patch is for all versions
  • Windows 10 users fume: Microsoft, where's our 'local account' option gone?
  • Windows 10 1909: Microsoft pushes on with testing as 19H2 update rollout looms  
  • Windows 10 1909: Microsoft ends 19H2 confusion, puts all testers on same builds 
  • Windows 10: We're now gearing up for 1909 with new throttled release, says Microsoft
  • No more buggy Windows 10 updates? Microsoft makes it easier to flag early flaws
  • Windows 10 recovery: Microsoft borrows Apple's Mac cloud reinstall feature
  • Windows 10 19H2: If you're on 1903, expect 'far faster' update, says Microsoft
  • Windows 10 yields more secrets: Microsoft plan to split OS from shell takes shape
  • How to delete the Windows 10 paging file on every shut-down TechRepublic
  • Test Microsoft's Chrome-like Edge browser for Windows 10 CNET