How to manually update the antivirus scan engines in Microsoft Forefront server security products and how to redistribute antivirus engine updates from a computer that does not have Forefront Server Security installed

This article describes how to manually update the antivirus scan engines in Microsoft Forefront Security for Exchange Server, Microsoft Forefront Security for SharePoint or in Microsoft Forefront Security for Office Communications Server. You may have to do this if you experience issues with the updates.

This article also describes how to update the antivirus scan engines from a computer that does not have the Microsoft Forefront server security products installed.

To manually update the antivirus scan engines in Forefront Server Security products and to update the antivirus scan engines from a computer that does not have these products installed, follow these steps.

Note These steps apply to both scenarios. However, in the first scenario, you can follow the steps on the Forefront server or on a remote server for a Universal Naming Convention (UNC) update. For more information about how to configure and perform UNC updates, see the Forefront Security for Exchange Server User Guide, the Forefront Security for SharePoint User Guideor the Forefront Security for Office Communications Server User Guide.

1. Create a local directory structure on the computer on which you want to download the scan engine updates. To do this, follow these steps:
   1. Create a directory. For example, create a directory that is named "ScanEngineUpdates."
      
      Note This directory is named $(ScanEngineUpdateRoot) in the following steps.
   2. Set the NTFS file system and share permissions on the directory so that the target Forefront servers have access to the directory.
   3. Create subdirectories for each scan engine update that you plan to download. To do this, type the following sample commands at a command prompt:
      • mkdir $(ScanEngineUpdateRoot)\Microsoft
      • mkdir $(ScanEngineUpdateRoot)\Norman
   4. Create a directory that is named "Package" under each engine-specific directory that you created in step 1c. To do this, type the following sample command at a command prompt:
      mkdir $(ScanEngineUpdateRoot)\Microsoft\Package
   5. Create a directory that is named "Temp" under each engine-specific directory that you created in step 1c. To do this, type the following sample command at a command prompt:
      mkdir $(ScanEngineUpdateRoot)\Microsoft\Temp
2. Determine the version number of the scan engine that is available for download. To do this, follow these steps:
   1. To download the latest manifest file, visit the following Microsoft Web site:
      http://forefrontdl.microsoft.com/server/scanengineupdate/x86/<ScanEngineName>/Package/manifest.cab (http://forefrontdl.microsoft.com/server/scanengineupdate/x86/<scanenginename/package>/manifest.cab)
      Note Replace ScanEngineName with the name of the scan engine for which you are downloading the manifest file.
   2. Save the manifest file in the "Temp" directory that you created in step 1e. For example, save the file in the following location:
      $(ScanEngineUpdateRoot)\Microsoft\Temp\Manifest.cab
   3. Extract the enclosed Manifest.xml file from the .cab file that you downloaded and saved in steps 2a and 2b.
   4. Open the Manifest.xml file by double-clicking the file.
   5. Note the version number of the engine that is included in the Manifest.xml file.
      
      Note If the version number is the same as the version number that is currently installed, you do not have to update the engine. If the version number is older than the version number that is currently installed, replace the URL with the secondary download URL that is configured in Forefront Server Security Administrator, and then repeat steps 2a through 2e. If no secondary download URL is configured, do not continue the manual update procedure.
   6. Create a directory under the "Package" directory of the corresponding engine, and then use the version number that you noted in step 2e to name the directory. To do this, type the following sample command at a command prompt:
      mkdir $(ScanEngineUpdateRoot)\Microsoft\Package\VersionNumber
      Note Replace VersionNumber with the version number of the scan engine.
   7. Copy the Manifest.cab file that you downloaded and saved in step 2b to the directory that you created in step 2f. For example, at a command prompt, type the following sample command to copy the file:
      copy $(ScanEngineUpdateRoot)\Microsoft\Temp\Manifest.cab $(ScanEngineUpdateRoot)\Microsoft\Package\VersionNumber\Manifest.cab
      Note Replace VersionNumber with the version number of the scan engine.
3. To download the .cab file of the latest scan engine update, visit the following Microsoft Web site:
   http://forefrontdl.microsoft.com/server/scanengineupdate/x86/<EngineName>/Package/<PackageVersion>/EngineName_fullpkg.cab (http://forefrontdl.microsoft.com/server/scanengineupdate/x86/enginename/package/packageversion/enginename_fullpkg.cab)
   Note Replace the placeholders in the URL by using the values that are described in the following table.
   Collapse this tableExpand this table

   EngineName	The scan engine name for which you are currently downloading the updates.
   PackageVersion	The version number of the scan engine that you noted in step 2e.

   For example, use an URL that resembles the following:
   http://forefrontdl.microsoft.com/server/scanengineupdate/x86/Microsoft/Package/607210002/Microsoft_fullpkg.cab (http://forefrontdl.microsoft.com/server/scanengineupdate/x86/microsoft/package/607210002/microsoft_fullpkg.cab)
4. Copy the ScanEngineName_fullpkg.cab file to the VersionNumber directory. For example, at a command prompt, type the following command to copy the file:
   Copy $(ScanEngineUpdateRoot)\Microsoft\Temp\Microsoft_fullpkg.cab
5. Repeat steps 1 through 4 for each scan engine that requires manual updates.
6. To make incremental updates of the scan engines manually, extract the contents in the EngineName_fullpkg.cab file to the version-specific directory of each engine. For example, at a command prompt, type the following command:
   expand $(ScanEngineUpdateRoot)\Microsoft\Package\VersionNumber\Microsoft_fullpkg.cab -F:* $(ScanEngineUpdateRoot)\Microsoft\Package\VersionNumber\
7. To make the engine update package available for use, copy the version-specific Manifest.cab file to the engine’s Package directory. For example, at a command prompt, type the following command to copy the file:
   copy $(ScanEngineUpdateRoot)\Microsoft\Package\VersionNumber\manifest.cab $(ScanEngineUpdateRoot)\Microsoft\Package\
   Note You must repeat step 7 for the engines that require manual updates.
8. You can now configure Forefront server to download updates from the $(ScanEngineUpdateRoot)\ directory by using a UNC path of a share name, such as \\server_name\share_name.
9. Delete all files from the engine-specific "Temp" directory that you created in 1e. For example, at a command prompt, type the following command to delete all the files from the "Temp" directory:
   del $(ScanEngineUpdateRoot)\Microsoft\Temp\*.*