Microsoft Defender for Endpoint is dysfunctional on Windows Servers running Server Core. Microsoft confirms the existence of an issue that makes it impossible for users to launch Defender for Endpoint on Windows Servers.

To protect an endpoint, Microsoft Defender for Endpoint must be running on an endpoint. Currently, the software is unable to run consistently on Windows Servers with Server Core.

Recent updates to Windows 10 are the culprit ( KB5007205 and KB5007206 ). Note that not all devices with a Windows 10 installation are affected. The presence of a Windows Server Core installation is a prerequisite.

Server Core is an installation option for Windows Server. Ironically, Microsoft describes the installation option as highly secure. The aforementioned updates bring that assertion into question.

After applying the update on an endpoint with a Windows Server Core installation, Defender for Endpoint works erratically. The software may refuse to start up. The technological cause is unclear. Microsoft confirmed the problem, says it is working on a solution, but has yet to provide information on whether and when the problem will be fixed.