Managing Microsoft Defender in PowerShell in Windows 8


Microsoft Defender is the built-in Anti-Malware program in Windows 8, with the same engine that powers Security Essential for Windows 7 computers as well as the same user interface to manage it. But do you also know that you can manage the Defender not only through the GUI, but also via the PowerShell cmdlet?

Get the list of the cmdlet available

First, let’s run Get-Command -Module Defender in PowerShell console to get the list of available cmdlet designated for Defender.

PowerShell - Get Command for Defender

Let’s explore the possibilities

To get the list of preference settings, run Get-MpPreference. To add a preference, run Add-MpPreference. And to change a preference, run Set-MpPreference. Note that to add or change a preference, you will need to run PowerShell as administrator to get the proper permission.

The cmdlet Get-MpComputerStatus shows the current status of Windows Defender on your computer, such as, the version of AntiVirus engine, when was last time it’s got updated, is the Real Time Protectionenabled, etc.

PowerShell - Defender - Get-MpComputerStatus

You can also use Get-MpThreatDectection to check the threats Microsoft Defender has been able to catch, and remove a thread by Remove-MpThreat after a threat has been cleaned up.

Oh, you can even manually start a scan (Start-MpScan) or run an update (Update-MpSignature) right from PowerShell console. It’s perfect if you want to run these tasks as part of a batch file or scheduled job.

PowerShell - run Defender scan


Please enter your comment!
Please enter your name here