I was trying to add Microsoft Defender exceptions via PowerShell to a clients server (Windows Server 2016 if that matters) the other day and it was always failing – the error was:
PS> Add-MpPreference -ExclusionExtension .config
Add-MpPreference : Failed to modify preferences.
At line:1 char:1
+ Add-MpPreference -ExclusionExtension .config
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Add-MpPreference],
CimException
+ FullyQualifiedErrorId : HRESULT 0x8007007e,Add-MpPreference
This was returning “Failed to modify preferences” on the Add-MpPreference cmdlet and the error code 0x80070073
To fix I needed to uninstall Windows Defender and reboot and then reinstall it.
This was the following cmdlets, with the reboot indicated between them:
Uninstall-WindowsFeature -Name Windows-Defender
#Reboot here
Install-WindowsFeature -Name Windows-Defender
Install-WindowsFeature -Name Windows-Defender-GUI
#Reboot here (again)
Once this was done I was able to add Defender exceptions. The addition of exceptions also failed when done via the Defender Settings application as well (it asks you to authenticate and fails). This also worked after the uninstall/reinstall:
Leave a Reply