Microsoft announced a new tool that helps system admins update the Defender security package within the Windows installation images that are VHD or WIM supported. It is created especially for enterprise environments. Usually, these environments have mass installation and servicing of servers and workstations using installation images.
Read More: How to help Non-Tech Board members understand Cyber Risks
Most of these images are generally reused for months, and the default antivirus (Microsoft Defender) package of the system would end up getting installed from an old detection database. The latest Windows OS will update the antivirus package, but Microsoft said that the practices generally create a “protection gap” that leaves the system vulnerable and open to attacks.
Source: Zdnet