Installing System Center Endpoint Protection on Windows 10

July 2015: Now that Windows 10 is RTM, is strongly recommend upgrading your SCCM infrastructure to the appropriate service pack. SCCM 2012 SP2 (or SCCM 2012 R2 SP1) provides native support for Windows 10. If you experience issues past the Service Pack upgrade, please consult your Microsoft Support contacts.

With Windows 10, you do not need to deploy SCEP as SCCM Can now manage Windows Defender out of the box:

Leaving this workaround up now that a supported process is in place, I fear that some may try to implement this non-support workaround in a production environment.



17 thoughts on “Installing System Center Endpoint Protection on Windows 10

  1. Hi Noah…. great… !
    I tried but fails in the last install (epp.msi)…
    I’m trying to use it “stand-alone” like in my previous SCEPInstall in Win 8 and 8.1…
    Must I change some parameter in the last step ?


  2. Looks like with build 9926 this no longer works. If you run an OS upgrade scep is uninstalled even. I’ve submitted the feedback to Microsoft so we’ll see how fast this gets fixed!

    • Hi Noah…. I’m in 9926 and it’s working… just needed to run (at least the last step) in an Elevated Command prompt…
      Kind Regards !

  3. I just got this to work on Build 9926 x64 – thank you! I’m not sure yet if it’s hooked in to my SCCM environment, but at least SCEP is installed and updating from Microsoft directly for now. Thanks for figuring this out and sharing!

  4. On the latest build (10122) the setup file seems to work normally. But instead of installing SCEP, it adds a “Managed Windows Defender” folder to program files.

  5. Hi, FYI you can easily obtain the required files from the SCEPInstall.exe file via running the below command line from a command prompt:

    SCEPInstall.exe /extract

    You are then prompted to enter a path for the extracted files.

  6. The installation works fine this way. But when I tested with an Eicar text string something went wrong. The text file was detected as malware and put in quarantine. But when I open History and try top view details there is an error code 0x8007000d.

  7. I’m just installed the RTM verison (Build 10240) and when I try these steps a message comes up saying “A newer version of the program is already installed on this system” There is no mention of SCEP in Programs or Features or in C:\program files. Any idea what could be causing this?

    • It seems that SCEP is replaced/swapped with Windows Defender. After updating to 10240 I only see Defender, yet it still shows the name of my SCEP Offices policy in Help –> About…

  8. Hi,

    All installed OK, and even via MDT

    Antimalware Client Version:
    Engine Version: 1.1.11903.0
    Antivirus definition: 1.203.1805.0
    Antispyware definition: 1.203.1805.0
    Network Inspection System Engine Version: 2.1.8904.0
    Network Inspection System Definition Version: 17.921.0.0

    HOWEVER, if you try to make a change (such as “Check for latest virus defs before running a scan”), and hit “Save Settings”, you get an Error – “The data is invalid, click Help for more info about hits problem”, the help of which, give no help.

  9. Ok, I have got a little further on our systems. The original client (4.3,2.220.0 as seen above) isn’t going to install, and in MS’s wisdom, updates are provided by Windows Updates so you can’t actually download the client download the new client. However, if you have a WSUS server, you can extract the update.

    I created a view filter in WSUS for the ‘Forefront Endpoint Protection 2010’ product (which is how SCEP is still seen). In the List, I can home in on in he SCEP 2012 client, and check its “File Information. This will give you the URI of the file and is WSUS name, which is a long string of number a characters.This was:


    This is the SCEPInstall.exe you are used to. Run the installer no machines that have the incorrect client forced onto them, it will uninstall that client and attempt to reinstall the new client. On my test machine, this failed, so required a reboot, but then another install an all worked as expected. Another reboot, and we were in business. The next Windows Update, should update this client to

    BUT….. Although the SCEP 2012 client shows as installed in “Programs and Features”, it is Windows Defender GUI that still remains active. I tried installing the “updateinstall.exe” (also extracted from WSUS in the same fashion) to take the client to, but this failed.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s