It would be nice if you could mention the original links / sources in OP, how are you authoring these cabs and if it can be automated via a diy script. The integration script can be provided right at OP in a code block and/or attached as zip for more transparency. And using google drive links is less accessible and more volatile than for example a github, but still better than mediafire & co People are naturally circumspect (or at least they should be) when it comes to stuff touching the core defense mechanisms of windows. And because I and probably others don't feel like checking each file for having a valid digital signature, I present a 3rd-party verify script: Code: @(set `" <#=")& echo off & title Defender Update Kit Verification Tool v1.6 set "0=%~f0"&set 1=%*& powershell -nop -c iex ([io.file]::ReadAllText($env:0)) &exit/b || #>) $messages = @{ WARN_DEFENDER_CABS_MISSING = " Place this script in the same folder as Defender Update cabs " WARN_DIGITAL_SIGNATURES_ERR = " ERR! " WARN_DIGITAL_SIGNATURES_OK = " OK! " } cd -Lit(split-path $env:0) $x86 = gci defender-dism-x86*.cab | sort creationtime | select-object -last 1 $x64 = gci defender-dism-x64*.cab | sort creationtime | select-object -last 1 $arm64 = gci defender-dism-arm64*.cab | sort creationtime | select-object -last 1 if ($null -eq $x86 -and $null -eq $x64 -and $null -eq $arm64) { write-host -fore black -back yellow $messages.WARN_DEFENDER_CABS_MISSING; choice /c EX1T; exit 1 } $root = "defender-dism"; ri $root -recurse -force -ea 0|out-null; ni $root -item directory -force -ea 0|out-null if ($x86) {ni "$root\x86" -item directory -force -ea 0|out-null; expand -R $x86.Name -F:* "$root\x86"} if ($x64) {ni "$root\x64" -item directory -force -ea 0|out-null; expand -R $x64.Name -F:* "$root\x64"} if ($arm64) {ni "$root\arm64" -item directory -force -ea 0|out-null; expand -R $arm64.Name -F:* "$root\arm64"} $ext = '.exe .dll .mui .sys .ax .ocx .cpl .scr .msu .msi .Msix .msixbundle .appx .appxbundle .cab .cat .cdxml .ps1xml .psd1 .psm1' $filter = $ext.Split(); $err = @() gci $root\*.* -file -recurse | foreach-object { if ($filter -contains $_.Extension) { $sig = Get-AuthenticodeSignature $_ if ($sig.status -eq 0) { $sig.SignerCertificate| add-member Thumbprint $sig.SignerCertificate.Subject.Split('=')[1].Trim(', O').Trim(', OU') -force write-output $sig } else { $err += "Invalid "+$_.FullName+"`nModified "+$_.LastWriteTime+" Size "+$_.Length+"`n" } } } write-host if ($err.length -eq 0 -and ($x86 -or $x64 -or $arm64)) { write-host -fore yellow -back darkgreen $messages.WARN_DIGITAL_SIGNATURES_OK } else { write-output $err; write-host -fore yellow -back darkred $messages.WARN_DIGITAL_SIGNATURES_ERR } write-host choice /c EX1T #,# AveYo and steven4554 Save as defender_update_kit_verify.bat in the same folder as Defender Update Kit cabs It will extract cabs in a defender-dism folder, then run Get-AuthenticodeSignature powershell cmdlet on all sensitive files. Hope it helps someone. [update] 2021.08.10: +fix arm64 support from steven4554 2021.09.15: enhanced output 2021.09.16: improve output speed
Thanks for the feedback, and for further improving the PowerShell script. I cannot release information regarding how I make the cabinet files, but you can be assured that the files contained inside the cabs have not been touched and come directly from the websites I already stated. But I do listen to feedback, in fact I welcome it good and bad. Anything to help further improve this project is appreciated.
Not available on MS Catalog yet, if anyone have the direct download links to v4.18.2104.5 it would be appreciated.
I am glad i made a screenshot, else nobody would have believed me i regret not using wumt to be able to fetch you the ddl
Thanks, but the cabs on that MS website, are now out of date. Plus, MS only updates once a month now. It wouldn't surprise me when they do stop making cabs altogether.