System center Endpoint Protection client on machines fail to update manually with error message: Virus and spyware definitions update failed with error code 0x80248014
Upon investigation it is found that you need to have internet access on client machines and that has to be defined in the SCEP client settings to go to alternate update sources other than SCCM server which is hosting WSUS server role; that is definition update source as updates distributed from Microsoft update sources.
In case the above setting is not present then there is alternate solution for this issue which is described under Microsoft article: https://support.microsoft.com/en-us/kb/935934#/en-us/kb/935934 simply download this KB and manually install on the machine which will fix this issue but this is a one time fix.
If you want your SCEP clients get updated when you want to click on update button on SCEP client applet without the above error then you have to get the windows update setting changed in order to assist your client in this scenario, follow the following settings which is described under: https://support.microsoft.com/en-us/kb/2832355#/en-us/kb/2832355
1. Open Control Panel
2. Click System and Security
3. Click Windows Update
4. Click Change Settings
5. Check the checkbox "Give me updates for other Microsoft products when I update Windows"
6. Click OK
Note: I assume you have the infrastructure set up to take care of the definition updates using SCCM-WSUS the normal way.
Upon investigation it is found that you need to have internet access on client machines and that has to be defined in the SCEP client settings to go to alternate update sources other than SCCM server which is hosting WSUS server role; that is definition update source as updates distributed from Microsoft update sources.
In case the above setting is not present then there is alternate solution for this issue which is described under Microsoft article: https://support.microsoft.com/en-us/kb/935934#/en-us/kb/935934 simply download this KB and manually install on the machine which will fix this issue but this is a one time fix.
If you want your SCEP clients get updated when you want to click on update button on SCEP client applet without the above error then you have to get the windows update setting changed in order to assist your client in this scenario, follow the following settings which is described under: https://support.microsoft.com/en-us/kb/2832355#/en-us/kb/2832355
1. Open Control Panel
2. Click System and Security
3. Click Windows Update
4. Click Change Settings
5. Check the checkbox "Give me updates for other Microsoft products when I update Windows"
6. Click OK
Note: I assume you have the infrastructure set up to take care of the definition updates using SCCM-WSUS the normal way.
