The built-in Windows 11/10 antivirus regularly updates virus and other threat definitions by searching for and installing protection system updates.
Some users may encounter an error message in the Windows Security window, under Virus & threat protection updates — Defender updates, stating “Failed to update the protection system definition” with various code options: 8024402c, 80072f8f, 80070003, and others. These instructions explain how to fix such errors.
Possible causes of errors and how to fix them
The “Failed to update protection system definitions” error in Microsoft Defender is most often caused by the following reasons:
- Unavailability of Microsoft servers used for updates (operator block, disabling access to servers on your side).
- Policies configured by you, third-party software (including malicious software), or the author of the “build” (if you are using a non-genuine version of Windows), disabled services.
- Accidental OS crashes, damage to system files.
In all cases except for the second point, it is usually relatively easy to fix the situation and install definition updates (for the protection system).
You can use the following solutions:
- Restart your computer and your Wi-Fi router (if you use it to connect to the Internet). This sometimes solves the problem, especially if everything was working fine before.
- Download security updates manually from the official website and run the installer. Most users require the 64-bit version.
- If the problem has arisen recently and updates were previously installed, use system restore points. If there are none, try restoring system files using commands (run in the command prompt as an administrator; the first one may “freeze” for a long time, which is normal behavior).
- Check that no security system update policies are configured. If you have Windows 11/10 Pro or Enterprise installed, press the Win+R keys on your keyboard, type gpedit.msc and press Enter, go to Computer Configuration — Administrative Templates — Windows Components — Microsoft Defender Antivirus — Security Updates.
By default, all policies in this section should be set to “Not Configured.” If the values for any policies are different, double-click on them and set the value to “Not Configured.” - If you have Windows Home Edition and the Local Group Policy Editor is not available, press the Win+R keys on your keyboard, type regedit and press Enter, go to the section. If the specified section exists (by default, it does not) and contains values, delete them.
- Try resetting the Windows Update components using PowerShell and restart your computer.
- If you suspect that the errors are the result of malware, run a scan with KVRT, and if that doesn’t work, run Kaspersky Rescue Disk (which works independently of the system).
