Windows 10: Does Defender forget defined exclusions?

[German]Has anyone noticed the problem with Defender in Windows 10 that the virus protection suddenly loses defined exclusions for scans? Here is some information on this issue. Addendum: The bug has been fixed.


Background information: I received a mail from the German heise editorial team informing me about an observation, a reader made. Its a strange behavior in Windows Defender. Since there were only on e mention within the Internet yet, I am posting it here in the blog in consultation with heise. The reader Rene S. describes the following observation on October 23, 2020 (translated):

Exclusions in Windows Defender disappeared

Hello dear heise editorial team,

I noticed today that with Windows Defender all my exclusions have disappeared or are no longer visible. Also it is not possible to create new exclusions. In the latter case there is no error message, but after confirmation nothing is displayed, as if you had not done anything.

Antimalware client version: 4.18.2010.4
module version: 1.1.17500.4
Antiviren-Version: 1.325.1286.0
Antispyware-Version: 1.325.1286.0

However, I myself suspect that the exclusions are not completely gone, they are just not apparent. Because after a quick scan today, the obligatory message "Items skipped during scan", which actually only appears when exclusions are added, was displayed after the process was completed.

So far I could only find a thread about this topic in the forum of from October 22nd, 2020, which also reports about it but no solution.

I have Windows 10 myself and yesterday I updated to 20H2. But I think the problem is not Windows itself but Windows Defender.

In the discussion at it turns out that it might be the Defender update of the anti-malware client version: 4.18.2010.4. The problem seems to be still continuing. Anyone of you who has the problem and can confirm it?

Addendum: Strange thing

As it's mentioned within the comments below, Antimalware engine 4.18.2010.4  isn't official distributed by Microsoft. The reader contacted me with a 2nd mail and wrote.

The strange thing about this version 4.18.2010.4 of Defender is that it is not officially distributed by Microsoft. Also via Microsoft's update catalog, the KB4052623 ( currently only offers the client version 4.18.2009.7 and the older version 4.18.2001.10.

According to the forists at or the thread I mentioned, this version of Defender was only distributed in the DEV channel so far. But since I only use a local account for this Windows installation and I'm not logged on to the insider program of Microsoft, I'm more wondering why this version of Defender was installed on my computer at all and why it is reinstalled in the background after I went online and let Windows check for updates.

I'm running a VM with Windows 10, where I'm logged in to the Insider program (Release Preview Channel) for testing purposes, but this Windows account is not used by the host system, but only by VW. The VW Windows was also activated by a separate Windows key. In the host system, where I received the client version 4.18.2010.4 of the Defender and, if I go online, continue to receive it, the Windows account is only logged on in the Microsoft Store. However, this should not be the cause.

I myself will try, probably tonight, the workaround from the forum of and hide the update KB4052623, with the client version 4.18.2010.4 of the Defender or – I'm still thinking about it – do an in-place update, because I'm back yesterday on a backup with Windows 10 2004 from October 3rd, 2020 and the PC is or was offline since then, on Windows 20H2. But I will do the Inplace Update offline to be on the safe side, in case the client version 4.18.2010.4 of the Defender is used during the update process. Because, as far as I know, the client version 4.18.2009.7 is integrated via the current MCT of 20H2.

So we have no idea what happened, but it's not a single isolated case.

Addendum: The bug has been fixed. German blog reader Tom informed me today (Oct. 29,2020), that an update of anti malware client to version 4.18.2010.6 fixed the issue. The excludes are shown again – simply a "Bug as a service"…


Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Windows and tagged , , . Bookmark the permalink.

4 Responses to Windows 10: Does Defender forget defined exclusions?

    • guenni says:

      @Julia: Thx for the hint, didn't found that link this night. Have also a few confirmation within my German blog.

  1. EP says:

    how or where did that person get the 4.18.2010.4 anti-malware client version, guenni?

    latest available anti-malware client version from MS Update Catalog so far is 4.18.2009.7 and I am unable to reproduce nor encounter the problem

    • guenni says:

      That's a mystery, like the person told me in a private message. I've added now the translated text I received an hour ago with the text above.

Leave a Reply

Your email address will not be published. Required fields are marked *