Forefront Client Security anti-malware client update: March 2011

Article ID: 2508823
Expand all | Collapse all

On This Page

Introduction

This article describes the Microsoft Forefront Client Security (FCS) anti-malware client issues that are resolved in the March 2011 update package.

Issues that this hotfix package resolves

Issue 1

Computers that are running Forefront Client Security (FCS) and that frequently operate on battery power do not update definitions at the scheduled time.
Resolution
This update contains changes for Forefront Client Security (FCS) to let a computer that operates on battery power update definitions at the scheduled time.

Issue 2

You cannot open a file that is encrypted by Prim'X ZoneCentral and that is located in a network shared folder on a computer that is running Forefront Client Security (FCS).
Resolution
The installer for this update package sets the AttachWhenLoaded registry value for the Windows Filter Manager to 1 on certain operating systems. For more information about the AttachWhenLoaded registry value and the applicable operating systems, visit the following MSDN website:
General information about the AttachWhenLoaded registry value and the applicable operating systems
(http://msdn.microsoft.com/en-us/library/ff539312(VS.85).aspx)


Issue 3

Some real-time protection errors occur on computers that are running Windows 2000 Server and that use Forefront Client Security (FCS).
Resolution
This update changes MpFilter.sys to resolve this issue and to replace the update that is described in the following article:
2459065
(http://support.microsoft.com/kb/2459065/ )
Real-time protection fails on Windows 2000 after you apply the Forefront Client Security October 2010 update

Back to the top | Give Feedback

MORE INFORMATION

Hotfix information

A supported hotfix is available from Microsoft.

Note This hotfix is available from Microsoft Update and from Windows Server Update Services (WSUS). If you want to obtain the hotfix for deployment by using a different method, follow these steps:
  1. Visit the following Microsoft Update Catalog website:
    http://catalog.update.microsoft.com/v7/site/Home.aspx
    (http://catalog.update.microsoft.com/v7/site/Home.aspx)
  2. Type 2508823 in the Search box, and then click Search.
  3. Click Add to add the hotfix to the basket.
  4. Click Download.
  5. Click Browse, specify a folder for the file that you want to download, and then click OK.
  6. Click Continue, and then click I Accept to accept the Microsoft Software License Terms.
  7. When the update is downloaded to the folder that you specified, click Close.

Prerequisites

There are no prerequisites for installing this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix replaces the anti-malware client that is deployed by using the Forefront Client Security deployment package (1.0.1725.0).
2394439
(http://support.microsoft.com/kb/2394439/ )
Forefront Client Security deployment package (1.0.1728.0): October 2010
This hotfix replaces the following hotfixes:
2394433
(http://support.microsoft.com/kb/2394433/ )
Forefront Client Security antimalware client update: October 2010
2459065
(http://support.microsoft.com/kb/2459065/ )
Real-time protection fails on Windows 2000 after you apply the Forefront Client Security October 2010 update
979536
(http://support.microsoft.com/kb/979536/ )
Forefront Client Security anti-malware client update: April 2010
976668
(http://support.microsoft.com/kb/976668/ )
Forefront Client Security anti-malware client update: December 2009
971026
(http://support.microsoft.com/kb/971026/ )
A hotfix is available to resolve some problems with the Forefront Client Security anti-malware client
952265
(http://support.microsoft.com/kb/952265/ )
Data corruption may occur on a computer that has Forefront Client Security installed
938054
(http://support.microsoft.com/kb/938054/ )
A hotfix is available to resolve some problems with the Forefront Client Security client
956280
(http://support.microsoft.com/kb/956280/ )
The Forefront Client Security kernel-mode mini-filter unloads when you browse a network file share that contains many malicious files

File information

The English version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Forefront Client Security, x86-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTime
Amhelp.chmNot Applicable65,21619-Jul-201000:51
Mpasbase.vhd1.0.0.0572,72019-Jul-201000:52
Mpasdesc.dll1.5.1996.049,02402-Feb-201116:42
Mpasdlta.vhd1.0.0.09,00819-Jul-201000:52
Mpavbase.vhd1.0.0.0204,62419-Jul-201000:52
Mpavdlta.vhd1.0.0.09,04019-Jul-201000:52
Mpavrtm.dll1.5.1996.0128,38402-Feb-201116:23
Mpclient.dll1.5.1996.0367,48802-Feb-201116:23
Mpcmdrun.exe1.5.1996.0349,06408-Jan-201122:06
Mpengine.dll1.1.3520.03,308,62419-Jul-201000:52
Mpevmsg.dll1.5.1996.023,42402-Feb-201116:42
Mpfilter.sys1.5.1996.071,29602-Feb-201116:14
Mpoav.dll1.5.1996.092,03202-Feb-201116:23
Mprtmon.dll1.5.1996.0731,00802-Feb-201116:23
Mpsigdwn.dll1.5.1996.0129,92002-Feb-201116:23
Mpsoftex.dll1.5.1996.0518,01602-Feb-201116:23
Mpsvc.dll1.5.1996.0319,87202-Feb-201116:23
Mputil.dll1.5.1996.0177,02402-Feb-201116:23
Msascui.exe1.5.1996.01,033,60002-Feb-201116:23
Msmpcom.dll1.5.1996.0221,05602-Feb-201116:23
Msmpeng.exe1.5.1996.016,89608-Jan-201122:06
Msmplics.dll1.5.1996.09,08802-Feb-201116:23
Msmpres.dll1.5.1996.0766,33602-Feb-201116:42

Forefront Client Security, x64-based versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTime
Amhelp.chmNot Applicable65,21619-Jul-201000:51
Mpasbase.vdm1.0.0.0572,72019-Jul-201000:52
Mpasdesc.dll1.5.1996.049,53602-Feb-201118:18
Mpasdesc.dll (x86 directory)1.5.1996.049,02402-Feb-201116:42
Mpasdlta.vdm1.0.0.09,00819-Jul-201000:52
Mpavbase.vdm1.0.0.0204,62419-Jul-201000:52
Mpavdlta.vdm1.0.0.09,04019-Jul-201000:52
Mpavrtm.dll1.5.1996.0155,00802-Feb-201117:58
Mpclient.dll1.5.1996.0547,71202-Feb-201117:58
Mpclient.dll (x86 directory)1.5.1996.0367,48802-Feb-201116:14
Mpcmdrun.exe1.5.1996.0504,62408-Jan-201123:46
Mpengine.dll1.1.3520.04,431,95219-Jul-201000:52
Mpevmsg.dll1.5.1996.023,42402-Feb-201118:18
Mpfilter.sys1.5.1996.091,52002-Feb-201116:14
Mpoav.dll1.5.1996.0117,63202-Feb-201117:58
Mpoav.dll (x86 directory)1.5.1996.092,03202-Feb-201116:14
Mprtmon.dll1.5.1996.01,181,05602-Feb-201117:58
Mpsigdwn.dll1.5.1996.0179,58402-Feb-201117:58
Mpsoftex.dll1.5.1996.0791,42402-Feb-201117:58
Mpsvc.dll1.5.1996.0438,65602-Feb-201117:58
Mputil.dll1.5.1996.0247,16802-Feb-201117:58
Mputil.dll (x86 directory)1.5.1996.0177,02402-Feb-201116:14
Msascui.exe1.5.1996.01,636,73602-Feb-201117:58
Msmpcom.dll1.5.1996.0305,53602-Feb-201117:58
Msmpeng.exe1.5.1996.016,38408-Jan-201123:46
Msmplics.dll1.5.1996.09,08802-Feb-201117:58
Msmplics.dll (x86 directory)1.5.1996.09,08802-Feb-201117:58
Msmpres.dll1.5.1996.0764,28802-Feb-201118:18
Back to the top | Give Feedback

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Back to the top | Give Feedback

MORE INFORMATION

This update is included in a new slipstream installation package of the Forefront Client Security client software. For more information about the slipstream installation package, click the following article number to view the article in the Microsoft Knowledge Base:
2508824
(http://support.microsoft.com/kb/2508824/ )
Forefront Client Security deployment package (1.0.1736.0): March 2011
Back to the top | Give Feedback



Known Issues

Microsoft has identified an issue when this update is installed on Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2, that may cause the antimalware agent to be removed when using the Windows install updates and shut down feature to apply this update. For more information on this issue see the following article:

2524280
(http://support.microsoft.com/kb/2524280 / )
Antimalware agent is removed after you apply Forefront Client Security March 2011 update when using install updates and shut down


Back to the top | Give Feedback

Properties

Article ID: 2508823 - Last Review: March 22, 2011 - Revision: 2.0
Keywords: 
kbqfe kbhotfixserver kbfix kbexpertiseinter kbsurveynew fep2010swept KB2508823
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top