Microsoft has shipped a new Defender update package — version 1.447.236.0 — specifically for offline servicing of Windows installation images, targeting a long-standing security blind spot that leaves freshly deployed machines vulnerable to malware during their first minutes of operation. The package, published as part of the April 2026 update cycle, updates the antimalware client, engine, and security intelligence inside WIM and VHD files to the latest versions, ensuring new deployments start with up-to-date defenses before they ever connect to the internet.
The Invisible Gap: Stale Defenses in Your Golden Image
When a Windows installation image is captured and sealed — whether as an ISO, WIM, or VHD file — it freezes every component in time. That includes the Microsoft Defender binaries and the security intelligence (definitions) that were current the moment the image was mastered. If that image then sits on a server or in long-term storage for weeks or months, those protections age rapidly. By the time an administrator uses it to provision a new machine, the embedded Defender engine and signatures may be weeks or even months out of date.
The result is what Microsoft terms a “protection gap.” A freshly installed system, before it can reach an update source and pull the latest definitions, runs with whatever signatures were baked into the image. In the hours or even days before the first update lands — especially in air-gapped environments or during mass deployments where updates are staggered — that system is at elevated risk. Threat actors don’t need days to compromise a vulnerable endpoint; modern infostealers and automated attack chains can move in minutes.
The forum discussion on windowsforum succinctly described the problem: “the antimalware binaries and definitions embedded in ISO/WIM/VHD images become stale the moment an image is created, and until those components are updated the freshly installed system may be less protected during its first minutes or hours of operation.” This is not a theoretical vulnerability. The recent Lumma stealer takedown, which Microsoft led in mid-2025, illustrated exactly how quickly commodity malware can spread when protections lag. Between March 16 and May 16 of that year, the campaign infected over 394,000 Windows machines, many of which might have been recent deployments still catching up on updates.
Microsoft’s Latest Image-Servicing Package
To address this, Microsoft periodically releases specialized Defender update packages designed for offline servicing of OS installation images. The most recent package, version 1.447.236.0, bundles three critical components into a single CAB file accompanied by a PowerShell helper script (DefenderUpdateWinImage.ps1). When applied, it injects the following into the target WIM or VHD:
- Platform version: 4.18.26040.7
- Engine version: 1.1.26040.8
- Security intelligence version: 1.447.236.0
These numbers correspond to the latest antimalware binaries, scanning engine, and malware definitions as of the package’s release. Notably, the security intelligence version matches the package version — a deliberate design choice that simplifies tracking and validation.
The package supports a broad range of Windows editions:
- Windows 11
- Windows 10 ESU
- Windows 10 Enterprise LTSC 2021
- Windows 10 Enterprise LTSC 2019
- Windows 10 Enterprise LTSB 2016
- Windows Server 2022
- Windows Server 2019
- Windows Server 2016
Architecture-specific ZIP downloads are available for x86, x64, and ARM64. Microsoft’s support article (updated for the April 2026 release) confirms the package size: approximately 137 MB (ARM64), 217 MB (x86), and 239 MB (x64).
How to Apply the Update: A Technical Walkthrough
Integrating the update into your image is a straightforward process that requires a servicing host running Windows 10/11 and PowerShell 5.1 or later. The steps, drawn from the community discussion and Microsoft’s documentation, are as follows:
- Download the correct package from Microsoft’s official support page. Ensure you select the ZIP matching your image’s architecture.
- Back up your original image — always make a copy before servicing.
- Identify the image index if you’re working with a multi-edition WIM. Use DISM /Get-WimInfo /WimFile:<path_to_wim> to list the indexes.
- Run the PowerShell script as administrator from the folder where you extracted the ZIP. The basic syntax is:
```powershell
.\DefenderUpdateWinImage.ps1 -WorkingDirectory <path> `
    -ImageIndex <index_number> `
    -Action AddUpdate `
    -ImagePath <path_to_os_image> `
    -Package <path_to_defender_dism.cab>
```
- Validate the result by mounting the serviced image and checking the Defender version in the offline registry, or by deploying a test VM and verifying the Windows Security UI shows the expected platform and engine versions.
The script handles the heavy lifting, but administrators must guard against a critical mistake: never apply this update to a running operating system. Microsoft explicitly warns that doing so can damage the live installation. The package is engineered for offline image servicing only.
The Lumma Stealer Takedown: A Proof Point for Pre-Loaded Protection
The importance of pre-loading current defenses into deployment images isn’t abstract. In May 2025, Microsoft’s Digital Crimes Unit, alongside law enforcement and industry partners, executed a global disruption of the Lumma stealer — a prolific infostealer that had become a favored tool for cybercriminals. According to Microsoft’s On the Issues blog, the operation uncovered approximately 394,000 infected Windows systems between March 16 and May 16, 2025. The malware specialized in stealing credentials, browser data, and cryptocurrency wallets, often exfiltrating sensitive information within moments of initial compromise.
Lumma spread through cracked software, malicious advertising, and phishing lures — vectors that can easily snare a brand‑new machine that hasn’t yet pulled down the latest definitions. An image with stale Defender components may not recognise the stealer’s newer variants by signature, leaving a freshly provisioned endpoint exposed during the first-boot window. Embedding a current defense stack directly into the installation image does not change how long the first online update takes to arrive, but it means the endpoint runs days-old rather than months-old signatures while it waits, which is the difference that matters against a fast-moving commodity stealer.
Automating Image Servicing for Enterprise Pipelines
For organizations that manage fleets of devices, manually updating images every three months isn’t practical. The better approach is to bake the update into an automated build pipeline. A typical workflow might look like this:
- Image-build stage: After applying cumulative updates and applications, the pipeline downloads the architecture-matched Defender ZIP from a trusted internal repository.
- Script execution: The pipeline runs DefenderUpdateWinImage.ps1 with the appropriate parameters, using a service account with local admin rights.
- Artifact recording: The pipeline writes the applied package version (e.g., 1.447.236.0) and the resulting platform/engine/security intelligence versions into build metadata, which is stored alongside the image.
- Validation: A sandbox deployment is triggered automatically, and a health check confirms that Windows Security reports the expected version numbers.
This approach ensures every deployment — whether via SCCM, MDT, or Intune — benefits from the latest protections without manual intervention. It also creates an auditable trail that security teams can use to verify which definitions were present when each image was built.
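The walkthrough in the previous section and the pipeline stages listed above, as one added PowerShell wrapper. This is example code written for this page; it is not Microsoft's DefenderUpdateWinImage.ps1 and was not part of the original article. It assumes the extracted ZIP folder holds that script plus a single .cab, that the Dism module's Mount-WindowsImage can open the serviced image, and that the offline SOFTWARE hive exposes the engine and signature versions under Microsoft\Windows Defender\Signature Updates (EngineVersion, AVSignatureVersion) with the platform version carried as the file version of Program Files\Windows Defender\MsMpEng.exe. Those registry and file locations are the ones a live Defender install uses; that the servicing package updates them inside the image is an assumption you should confirm against your own serviced image before trusting the gate.

```powershell
#Requires -RunAsAdministrator
#Requires -Modules Dism
# Added example (not Microsoft's script): back up, service every index, verify from the
# offline hive, gate on the expected signature version, and record build metadata.
# Registry and file paths for the version check are assumptions carried over from a
# live Defender install; confirm them on your own serviced image.
param(
    [Parameter(Mandatory)] [string] $ImagePath,     # .wim, .vhd or .vhdx to service
    [Parameter(Mandatory)] [string] $PackageDir,    # folder holding the extracted ZIP (ps1 + cab)
    [string] $WorkingDirectory = 'C:\DefenderServicing',
    [string] $ExpectedSignatureVersion = '1.447.236.0',   # package version from the KB page
    [string] $MetadataPath = "$ImagePath.defender.json"
)
$ErrorActionPreference = 'Stop'

# Never point this at a running OS: the package is for offline images only, so insist
# on an existing image file with a known extension rather than a volume or folder.
$ext = [IO.Path]::GetExtension($ImagePath).ToLowerInvariant()
if (-not (Test-Path -LiteralPath $ImagePath -PathType Leaf) -or $ext -notin '.wim','.vhd','.vhdx') {
    throw "ImagePath must be an existing .wim/.vhd/.vhdx file, got: $ImagePath"
}
$script = Join-Path $PackageDir 'DefenderUpdateWinImage.ps1'
$cab    = Get-ChildItem -LiteralPath $PackageDir -Filter '*.cab' | Select-Object -First 1
if (-not (Test-Path -LiteralPath $script) -or -not $cab) { throw "Script or CAB not found in $PackageDir" }

# 1. Back up before servicing.
Copy-Item -LiteralPath $ImagePath -Destination "$ImagePath.bak" -Force

# 2. A WIM can carry several editions; service each one. A VHD has a single index.
$indexes = if ($ext -eq '.wim') { @((Get-WindowsImage -ImagePath $ImagePath).ImageIndex) } else { @(1) }

# 3. Apply the update with Microsoft's script, once per index.
foreach ($idx in $indexes) {
    & $script -WorkingDirectory $WorkingDirectory -Action AddUpdate `
              -ImagePath $ImagePath -Package $cab.FullName -ImageIndex $idx
    if (-not $?) { throw "AddUpdate failed for image index $idx" }
}

# 4. Verify: mount each index, load its SOFTWARE hive, read the versions, discard the mount.
#    The mount is read-write because reg.exe needs to write hive logs; -Discard on
#    dismount ensures nothing from the check is committed back into the image.
$mount = Join-Path $WorkingDirectory 'verify-mount'
New-Item -ItemType Directory -Path $mount -Force | Out-Null
$results = foreach ($idx in $indexes) {
    Mount-WindowsImage -ImagePath $ImagePath -Index $idx -Path $mount | Out-Null
    try {
        reg.exe load 'HKLM\DefImg' (Join-Path $mount 'Windows\System32\config\SOFTWARE') | Out-Null
        if ($LASTEXITCODE) { throw "reg.exe load failed for index $idx (exit $LASTEXITCODE)" }
        try {
            $sig = Get-ItemProperty 'HKLM:\DefImg\Microsoft\Windows Defender\Signature Updates'
            $eng = Get-Item (Join-Path $mount 'Program Files\Windows Defender\MsMpEng.exe')
            [pscustomobject]@{
                ImageIndex = $idx
                Platform   = $eng.VersionInfo.FileVersion   # assumed: inbox MsMpEng.exe carries the platform version
                Engine     = $sig.EngineVersion
                Signatures = $sig.AVSignatureVersion
            }
        } finally {
            [GC]::Collect(); [GC]::WaitForPendingFinalizers()   # release hive handles before unloading
            reg.exe unload 'HKLM\DefImg' | Out-Null
        }
    } finally {
        Dismount-WindowsImage -Path $mount -Discard | Out-Null
    }
}

# 5. Gate the build on the expected signature version, then record what went in.
$stale = @($results | Where-Object { $_.Signatures -ne $ExpectedSignatureVersion })
if ($stale.Count) {
    throw "Signature mismatch on index(es) $($stale.ImageIndex -join ', '): expected $ExpectedSignatureVersion, found $($stale.Signatures -join ', ')"
}
[ordered]@{
    Image         = (Resolve-Path -LiteralPath $ImagePath).Path
    Package       = $cab.Name
    PackageSha256 = (Get-FileHash -LiteralPath $cab.FullName -Algorithm SHA256).Hash
    ServicedAtUtc = [DateTime]::UtcNow.ToString('o')
    Indexes       = $results
} | ConvertTo-Json -Depth 4 | Set-Content -LiteralPath $MetadataPath -Encoding UTF8
$results | Format-Table -AutoSize
```

Save it under a name of your choosing (for example Invoke-DefenderImageServicing.ps1, a hypothetical name) and call it from the build stage with the image path and the extracted package folder. The JSON it writes next to the image is the auditable record the pipeline step above asks for: which CAB (by hash) went into which index, and what platform, engine and signature versions the offline hive reported afterwards. A mismatch between the expected signature version and what the hive reports fails the build rather than promoting a half-serviced image.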
Even with image servicing, environments should still configure robust first-boot update policies. The combination of an offline‑serviced image and a policy that forces Defender definition updates as soon as a network connection is available provides defense in depth.
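The first-boot policy described above, as an added example that is not from the original article or from Microsoft. It uses the Defender module cmdlets (Update-MpSignature, Set-MpPreference, Get-MpComputerStatus) and is meant to run once from whatever first-boot hook your deployment tooling provides (SetupComplete.cmd or a task-sequence step; the wiring is assumed). The retry count, delay and output path are illustrative values.

```powershell
# Added example, not from the article: first-boot hook that retries the definition
# update until the network is reachable, then tightens the update interval so the
# device keeps pulling updates hourly instead of waiting for the default schedule.
function Invoke-FirstBootDefenderUpdate {
    [CmdletBinding()]
    param(
        [int] $MaxAttempts  = 20,   # illustrative: ~10 minutes of retries at 30 s
        [int] $DelaySeconds = 30
    )
    # Snapshot what the image shipped with, so the record shows the gap that was closed.
    $before  = Get-MpComputerStatus
    $updated = $false
    for ($attempt = 1; $attempt -le $MaxAttempts -and -not $updated; $attempt++) {
        try {
            Update-MpSignature -ErrorAction Stop
            $updated = $true
        } catch {
            # Usually no network yet (DHCP, proxy or 802.1X still coming up): wait and retry.
            Write-Verbose "Attempt ${attempt}: $($_.Exception.Message)"
            Start-Sleep -Seconds $DelaySeconds
        }
    }
    # Check hourly and refresh definitions before any scheduled scan, so a device built
    # from an older image does not wait a day for its next pull.
    Set-MpPreference -SignatureUpdateInterval 1 -CheckForSignaturesBeforeRunningScan $true
    $after = Get-MpComputerStatus
    [pscustomobject]@{
        Updated           = $updated
        ImagePlatform     = $before.AMProductVersion
        ImageEngine       = $before.AMEngineVersion
        ImageSignatures   = $before.AntivirusSignatureVersion
        CurrentSignatures = $after.AntivirusSignatureVersion
        SignatureAgeDays  = $after.AntivirusSignatureAge
    }
}

# Write the outcome where a later inventory or health check can pick it up (path is illustrative).
Invoke-FirstBootDefenderUpdate -Verbose |
    ConvertTo-Json | Set-Content -LiteralPath "$env:ProgramData\first-boot-defender.json" -Encoding UTF8
```

The ImageSignatures and CurrentSignatures fields make the protection gap measurable per device: if the image was serviced recently the two values are days apart, and if it was not, the difference is the window the machine ran with stale definitions.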
Verification and Supply Chain Integrity
The community discussion raised an important caution: second‑hand reporting of version numbers can be unreliable. Some news outlets previously cited a Defender package version of 1.431.796.0, while others mentioned security intelligence 1.435.225.0 — neither of which could be confirmed on Microsoft’s official pages at the time. Microsoft’s definitions are updated daily, and platform/engine versions follow a multi‑week cadence, so any static number quoted in a news article may already be obsolete.
Administrators should always retrieve version information directly from:
- The Microsoft Support article (https://support.microsoft.com/en-us/topic/microsoft-defender-update-for-windows-operating-system-installation-images-1c89630b-61ff-00a1-04e2-2d1f3865450d) for the latest package, platform, engine, and security intelligence version.
- The Microsoft Security Intelligence page (https://www.microsoft.com/en-us/wdsi/definitions) for the current definition version and release history.
Supply chain integrity is another critical factor. The Defender update ZIP and its contents should be treated as sensitive build artifacts. Store them in a secured, access‑controlled repository, validate their Authenticode signatures, and verify checksums before use. An attacker who compromises the update package could inject malicious code directly into your golden image, undoing all the security gains.
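The artifact checks described above, as an added PowerShell example that is not from the original article or from Microsoft. It assumes the .cab and the .ps1 inside the update ZIP carry Microsoft Authenticode signatures (DISM packages are signed; treat the script's signature as an assumption to confirm on your copy), and that you pin the ZIP's SHA-256 yourself when you first fetch it, since the page does not publish a checksum. The ZIP name and hash in the example call are placeholders.

```powershell
# Added example, not from the article: verify the downloaded update kit before it enters
# the image pipeline. The pinned hash is recorded by you at download time (Microsoft does
# not publish one on the KB page); the Authenticode checks then cover each payload file.
function Test-DefenderPackageIntegrity {
    param(
        [Parameter(Mandatory)] [string] $ZipPath,
        [Parameter(Mandatory)] [string] $ExpectedZipSha256,   # pinned when the kit was first fetched
        [string] $ExtractTo = (Join-Path $env:TEMP 'defender-kit')
    )
    # 1. Whole-ZIP hash: catches a tampered or truncated download and ties this build
    #    to exactly the artifact you reviewed out of band.
    $actual = (Get-FileHash -LiteralPath $ZipPath -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedZipSha256.ToUpperInvariant()) {
        throw "ZIP hash mismatch: expected $ExpectedZipSha256, got $actual"
    }

    # 2. Authenticode on each payload. The ZIP itself is not signed, so extract it and
    #    check the files that actually get executed or injected into the image.
    Expand-Archive -LiteralPath $ZipPath -DestinationPath $ExtractTo -Force
    $payload = @(Get-ChildItem -LiteralPath $ExtractTo -Recurse -Include '*.cab','*.ps1')
    if (-not $payload.Count) { throw "No .cab or .ps1 found in $ZipPath" }

    foreach ($file in $payload) {
        $sig = Get-AuthenticodeSignature -FilePath $file.FullName
        if ($sig.Status -ne 'Valid') {
            throw "$($file.Name): signature status $($sig.Status) ($($sig.StatusMessage))"
        }
        # A valid chain alone is not enough: any code-signing certificate trusted by the
        # host would pass that test. Pin the signer you expect.
        $subject = $sig.SignerCertificate.Subject
        if ($subject -notmatch 'O=Microsoft Corporation') {
            throw "$($file.Name): unexpected signer '$subject'"
        }
        [pscustomobject]@{
            File       = $file.Name
            Signer     = $subject
            Thumbprint = $sig.SignerCertificate.Thumbprint
            Sha256     = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
        }
    }
}

# Example call; the kit name and the hash are placeholders to replace with your own values.
# Test-DefenderPackageIntegrity -ZipPath 'C:\kits\defender-update-kit-x64.zip' `
#     -ExpectedZipSha256 '<sha256 you recorded at download time>'
```

Run it in the pipeline stage that fetches the kit, and store the per-file thumbprints and hashes it returns alongside the image metadata; a later build that reports a different signer thumbprint for the same package version is the signal to stop and look before anything is injected into a golden image.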
The Bottom Line: A Best Practice Becomes Non-Negotiable
Microsoft recommends servicing OS installation images with Defender updates at least every three months. With the April 2026 release of package 1.447.236.0, the bar for what constitutes a secure deployment baseline has risen. The effort required is minimal — a single script execution within an existing build pipeline — while the risk reduction is substantial.
The Lumma stealer case shows that the first hours after provisioning are not a safe grace period. Lumma arrived through lures rather than network scanning, but the lesson is the same: commodity malware reaches a new endpoint as soon as a user, an installer, or an ad does, and that can happen before the first definition update lands. Closing that gap with an offline‑serviced image is one of the simplest yet most impactful changes an IT team can make.
Organizations that haven’t yet incorporated this into their image build process should prioritize it in their next build cycle. Back up your images, download the official package from Microsoft, run the PowerShell script, validate the result, and promote the serviced image to production. The alternative — shipping a device with months‑old defenses — is no longer acceptable given the speed and scale of modern threats.