?? ???????? Forefront ??????? ??????? anti-??????? ??????? ?? ??? ??? ?????? ?? ?? ???? ?? ??? ?????? ??

???? ID: 971026 - ?? ???????? ?? ?????? ??? ?? ?? ???? ???? ???? ??.
???? ?????? ???????????? ?????? ???????? KB ?? ???????? ????? ?? ??? ???? ????? ????
??? ?? ??????? ???? | ??? ?? ??????? ????

?? ????? ??

?? ???? ????? ???? ?? ?? Microsoft Forefront ??????? ??????? (FCS) anti-??????? ??????? ???????? ?? Forefront ??????? ?? ??????? ?? ??? ???????? ?????? ??? ??? ???? ??? ????
????? ?? ???? ???? | ??????????? ???

?????

???????? ?? ?? ???? ?? ?? ???????? ?????

?????? 1

??????? ????????? evolved ??, ?? ??????? ???? ?????? ?? ??? ????? ?? ??? ?? ??????? ?? ???????? ???
???????????
Forefront ??????? ?? ??????? ???? ?? ??? ??? ?????????????? ?????????? ?? ??? ????? ?? ??? ?? ???????? ????? ???? ???? ?? ?? ?? ???????? ?? ????? ???? ?? ??? ?? ???????? ?? ???? ???? ?????? ??? ?? ???????? ?? Forefront ??????? ??????? ??????-??? ??????? ??? ???????? ????? ????

?????? 2

?? ???? ??????? anti-??????? ?????????? ???????? ?? ??? ?????????? Explorers ?? prematurely ???????? ?? ?? Windows 2000 ??? ?? ?? ???? ??????? ?? ???? Windows ????????? ??????? ??? ????? ???
???????????
?? ???????? ?? COM ?????????? Explorers ??? ??? ????? ???? ???? ?? ?? ????? ??? ??? ???????? ???? ???? ??? ???????? ???? Windows 2000 ??? ????? ?? ?? ???? ?????? ?? ????? ??? ???? ??? ?? ?????? ?? ???? prematurely ???? ?????? ?? ??? ?????????? Explorers ?? ??? ???? ???

?????? 3

?????? ?? ?????MpCmdRun.exe - ??? ?????????? ???? ?? ?? ?? ??? ?????? ?? ?? ??? ?????? ?? ??? traces, ??? ????? ????? ??????? ??? ????? ?? ????? ???? ???? ??? tracing mini-filter ??????-??? ??? ?? ??? ?????? ???
???????????
MpCmdRun.exe - ??? ???????? ???? ?? ??? ?????? ?? ????? ???? ?? ??? ???? ??? ??????-??? mini-filter ??? ?? ?????? ??? ???? ?? ??? ????? ????? ???: ??? ?? ???? ?? ??? ?????? ???

?????? 4

Forefront ??????? ??????? ????? ????????? ??? ?? ??????? ????? ??? ???????? ???? ??? ?? ?? ??????? ????? ?? ?? ??????? ???????? ?? ???? ????? ???? ??? ?? ?????? ??? ?? ??????? ????? ???????? ???? ??? ????? ???? ??? ??:
939361
(http://support.microsoft.com/kb/939361/ )
????????? ??? ?? ????? ??????? ??????? ????? ??? ???????? ???? ??? ?? ?? ??? ??????? ???????? ?? ??? ????? ????? ???? ??? ?? forefront ??????? ???????
???????????
?? ?????? ?? ?? ?? Forefront ??????? ??????? (FCS) ????? ???? ?????? ?? ?????? ?? FCS ???? ?????? ?? ?????? ?? ??? FCS ???? ?? ????? ??????? (.lnk) ??????? ?? ????? ?????? ??? ????? ?? ?? ???? ?? ??? ??????? ????? ?? ?????? ?? ??? ???????? ???? ?? ?? ???? ???? ??????? ???????? ?? ?? ??, ??? ???? ?? ???????? ????? ????? ?????? ??? ?? ?? ???? ??????? ????? ??, ???? ?????? ?? ????? ???? ??????

?? 2009 ???? ??????? ?? ??? 1.1.4701.0, 1.59.3.0 ??????? ?????? ?? ?????? ???? ??? ?? ?? ?? ???? ??????? ?? ????? ?? ??? ?? ???????? ?? ?? ??? ???????? ??? ??, ??????? ?? ????? ?? ??? ?? ??? ??????? ????? ???? ??? ?? ?????? ?? ????? ???? ?? ??? ??? ????? ????? ???? ?????:
  • ??????? ?????? ??????? 1.59.3.0 ?? ?????? ??????? ??????? ?????
  • ?? ???? ??? ?????? anti-??????? ??????? ?????? ??????? ?????
  • ???? ??????????? ????? ??? ?????? ???? ???? "???? ???????"?? ???? ??? ????

?????? 5

On a system drive that is a dynamic disk volume, the detected malware causes repeated detections and creates excess files.
???????????
This issue is corrected so that detections on a system drive that is a dynamic disk volume do not cause repeated detections or unnecessary files.

?????? 6

The Windows 7 Actions Center produces a Virus Protection message: ?Forefront Client Security is on but is reporting its status to Windows Security Center in a format that is no longer supported. Use the program?s automatic updating feature, or contact the program manufacture for an updated version.?
???????????
This update contains changes in how Forefront Client Security interacts with the Windows Security Center and is required for support on Windows 7.
????? ?? ???? ???? | ??????????? ???

???????? ???????

?? ??????? ????????? Microsoft ?? ?????? ??..

???:?? ???????? ?? Windows ????? ?????? ???? ?? ?? Microsoft ?????? ?? ?????? ??? If you want to obtain the file for deployment by using a different method, follow these steps:
  1. ????? Microsoft ?????? ?????? ??? ???? ?? ????:
    HTTP://catalog.Update.Microsoft.com/v7/site/Home.aspx
    (http://catalog.update.microsoft.com/v7/site/Home.aspx)
  2. ??????:971026????????????? ???, ?? ???? ??????.
  3. ????? ????,add??????? ?? ??? ???????? ???????
  4. ??? ????? ?? ???? ??? ???, ?? ??? ????? ????????? ???????????.
  5. ????? ????,??????? ????.
  6. ????? ????,???????, ?????? ?? ???????? ??????? ????, ?? ???? ??? ??????? ????????? ????OK.
  7. ????? ????,???? ?????? ????-????? ????, ?? ???? ??????? ??????? ??Microsoft ?????????? ??????? ?????? ?? ??????? ???? ???? ?? ???? ???????? ??????? ?? ??? ??????? ???? ???
  8. Wait until the hotfix is downloaded to the specified location, and then click??? ????.

?? ?????? ?? ??? ????? ??????

This hotfix may not be installed when you use Windows Update to install updates on a computer that is running a Server Core installation of Windows Server 2008.?? ?????? ?? ???? ??? ???? ??????? ?? ???, ????? ???? ?????? ?? ????? ?? ???? ?? Microsoft ???????? ??? ?????::
955884
(http://support.microsoft.com/kb/955884/ )
Forefront ??????? ??????? (?????? 952265) ?? ??? ?????? ??????? ???? ?? Windows Server 2008 ?? ?? ????? ??? ??????? ?? ?? ?? Windows ?????? ?? ????? ???

??????????????

???? ?? ??? ???? ?? ?? ???????? ?? ??????? ???? ?? ??? ????

???? ??????? ????????

You must restart the computer after you apply this hotfix.

????????? ???????????? ???????

?? ???????? ?? ????? ?????????? ????? ??:
952265
(http://support.microsoft.com/kb/952265/ )
Forefront ??????? ?? ??????? ??????? ?? ?? ???? ???????? ?? ???? ????? ?? ???? ??
938054
(http://support.microsoft.com/kb/938054/ )
?? ???????? Forefront ??????? ??????? ??????? ?? ??? ??? ?????? ?? ?? ???? ?? ??? ?????? ??
956280
(http://support.microsoft.com/kb/956280/ )
The Forefront Client Security kernel-mode mini-filter unloads when you browse a network file share that contains many malicious files

????? ???????

The English version of this hotfix package uses a Microsoft Windows Installer package to install the hotfix package. ?? ??????? ?? ??? ?????? ?? ??? ????? ?????? ??? ??????? ????????? ??? (UTC) ??? ???????? ??.. ?? ?? ????? ??????? ????? ???, ?? ?????? ??????? ??? ??? ?????? ?? ???? ??.. "UTC ?? ??????? ??? ??? ???? ????? ?? ???, ???????? ??? ??? ""?????? ?? ??? ???"" ??? """"??? ???????"" "??? ???????? ???? ??? ?????? ?? ??? ???? ??? ???

Forefront Client Security, x86-based versions

?? ?????? ?? ??????? ?????? ?????? ?? ??????? ????
????? ???????? ?? ???????????? ?????????????:
Amhelp.chm???? ????65,21628-Oct-200817: 55
Mpasbase.vdm1.0.0.0572,72028-Oct-200817: 58
Mpasdesc.dll1.5.1972.049,02403-???-200922: 48
Mpasdlta.vdm1.0.0.09,00828-Oct-200817: 58
Mpavbase.vdm1.0.0.0204,62428-Oct-200817: 58
Mpavdlta.vdm1.0.0.09,04028-Oct-200817: 58
Mpavrtm.dll1.5.1972.0128,36803-???-200922: 29
Mpclient.dll1.5.1972.0366,44803-???-200922: 29
Mpcmdrun.exe1.5.1972.0349,04803-???-200922: 26
Mpengine.dll1.1.3520.03,308,62428-Oct-200817: 57
Mpevmsg.dll1.5.1972.023,42403-???-200922: 48
Mpfilter.sys1.5.1969.069,61615-??-200917: 35
Mpoav.dll1.5.1972.092,01603-???-200922: 29
Mprtmon.dll1.5.1972.0730,99203-???-200922: 29
Mpsigdwn.dll1.5.1972.0129,92003-???-200922: 29
Mpsoftex.dll1.5.1972.0518,01603-???-200922: 29
Mpsvc.dll1.5.1972.0304,51203-???-200922: 29
Mputil.dll1.5.1972.0177,02403-???-200922: 29
Msascui.exe1.5.1972.01,033,60003-???-200922: 29
Msmpcom.dll1.5.1972.0221,04003-???-200922: 29
Msmpeng.exe1.5.1972.016,88003-???-200922: 26
Msmplics.dll1.5.1972.09,08803-???-200922: 29
Msmpres.dll1.5.1972.0766,33603-???-200922: 48

Forefront ??????? ???????, x64-?????? ?????????

?? ?????? ?? ??????? ?????? ?????? ?? ??????? ????
????? ???????? ?? ???????????? ?????????????:
Amhelp.chm???? ????65,21628-Oct-200817: 55
Mpasbase.vdm1.0.0.0572,72028-Oct-200817: 58
Mpasdesc.dll1.5.1972.049,52004-???-200900: 36
Mpasdlta.vdm1.0.0.09,00828-Oct-200817: 58
Mpavbase.vdm1.0.0.0204,62428-Oct-200817: 58
Mpavdlta.vdm1.0.0.09,04028-Oct-200817: 58
Mpavrtm.dll1.5.1972.0154,49604-???-200900: 17
Mpclient.dll1.5.1972.0546,68804-???-200900: 17
Mpcmdrun.exe1.5.1972.0504,60804-???-200900: 15
Mpengine.dll1.1.3520.04,431,95228-Oct-200817: 57
Mpevmsg.dll1.5.1972.023,40804-???-200900: 36
Mpfilter.sys1.5.1969.088,94415-??-200917: 35
Mpoav.dll1.5.1972.0117,63204-???-200900: 17
Mprtmon.dll1.5.1972.01,181,05604-???-200900: 17
Mpsigdwn.dll1.5.1972.0179,58404-???-200900: 17
Mpsoftex.dll1.5.1972.0791,42404-???-200900: 17
Mpsvc.dll1.5.1972.0416,12804-???-200900: 17
Mputil.dll1.5.1972.0247,16804-???-200900: 17
Msascui.exe1.5.1972.01,636,73604-???-200900: 17
Msmpcom.dll1.5.1972.0305,53604-???-200900: 17
Msmpeng.exe1.5.1972.016,36804-???-200900: 15
Msmplics.dll1.5.1972.09,08804-???-200900: 17
Msmpres.dll1.5.1972.0764,28804-???-200900: 36
????? ?? ???? ???? | ??????????? ???

???? ???????

???????? ??? ??, ?? ??????? ???????? ??????? 4 ?? ?????? ?? ?????? ??? ?????? ????? ???? ??? ?? ?????? ?? ????? ???? ?? ??? ?? ??????? ???? ?????? ???? ?? ?????? ?? ?????? ?? ????? ???? ??? ?? ?? ?? ???? ???? ?? ?????? ??????? ???? ?? ??? ?? ?? ???? ??????? ??????? ?? ????? ?? ??? ??????? ?? ??? ???? ???? ???? ????? ?? ???? ?? ???? ?? ???? ??????? ???? ?? ?????? ?? ?????? ?????????? ?? ??? ???? ???? ???????????? ???????? (ADM) ????? ?? ????? ??? ???? ???????? Forefront ??????? ??????? ??????? ????? ?? ?????? ?? ???? deployable ???? ???? ???????, ?? ????? ?? ??? ???? ????? ?? ????????? ???? ?? ??? Fcslocalpolicytool.exe ???? ???? ???? ?? ??? ????? ???? ?? ?????

??????????? ????? ?? ????

???? ?? ?????????, ???? ?? ??? ????? ?? ???????? ??? ?? ???? ?? ?? ???? ????:

?????? 1: ?????? ???? ???? ADM ????? ?? ????? ????

  1. ??? ???? ???? ???????????? ???????? ????? ??????
    1. Notepad ??????? ????..
    2. ?? ????????? ?????, ?? ???? ??? ????? ???? Notepad ??? ???????:
      CLASS MACHINE
CATEGORY !!FCSCategory
	POLICY !!NetworkScan_Name
		KEYNAME "SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Scan"
		EXPLAIN !!NetworkScan_Explain

		VALUENAME DisableScanningNetworkFiles
		  VALUEON NUMERIC 1
		  VALUEOFF NUMERIC 0
	END POLICY
END CATEGORY

[strings]
FCSCategory="Microsoft FCS Scan Configuration"
NetworkScan_Name="Disable Network Scan"
NetworkScan_Explain="This setting instructs the FCS antimalware client not to scan referenced network locations."
    3. ????? ???????????? ??,?? ??? ??? ??????.
    4. ???? ?????? ?? ??? ????, ?? ???? ??? ?????KB971026.adm?????????? ???????? ????
    5. ??????? ?????? ??????????? ???, ?? ???? ?????? ??????? (*. *).
  2. ???? ???? ???? ?? ??? ???? ???? ???????????? ???????? ????? ?? ????? ????
    1. KB971026.adm ????? ?? ???????? ???? ?? ????????? ???? ?? ??? ?????? ????? ??? ?????For more information about how to manage ADM files, click the following article number to view the article in the Microsoft Knowledge Base:
      816662
      (http://support.microsoft.com/kb/816662/ )
      Recommendations for managing Group Policy administrative template (.adm) files
    2. Open the group policy editor to the appropriate local or Active Directory based location. Typically, this is done either through the local group policy editor, Active Directory Users and Computers, or the Group Policy Management Console(GPMC).
    3. ??????? ???????????? ???????????, ????-????? ???????????????? ????????????? ????,Add/Remove Template.
    4. ????? ????,add.
    5. Click to select the KB971026.adm file that you created in Step 1, and then click?????.
    6. ????? ????,??? ????. TheClassic Administrative Templates (ADM)folder is created under???????????? ????????.
    7. Windows Vista ?? Windows Server 2008 ??, ?? ??????? ????Classic ???????????? ???????? (ADM)????? ????,Microsoft FCS ????? ???????????.
    8. ???? ??? ??? ??? ????? ??????????? ????? ?? ????? ????.
    9. ??? ?????????? ?????? ????-????? ????, ?? ???? ???OK.

?????? 2: ?????? ????. reg ????? ?? ??????? ????

  1. ???. reg ????? ?? ??? ???? ???? ???? ?? ??? Forefront ??????? ??????? ??????? ????? ?? ????? ????? ???? ??????? ?? ??? ? ????????? ????? ????????? ??? ? ????? Microsoft ??? ???? ?? ?????:
    HTTP://TechNet.Microsoft.com/en-us/library/bb418857.aspx
    (http://technet.microsoft.com/en-us/library/bb418857.aspx)
  2. Windows Explorer ?????, ??. reg ????? ?? ?????? ??????
  3. . Reg ????? ?? ????-????? ????, ?? ???? ??? ????? ??????????.
  4. ????? ?? ??? ???? ?? ??? ??????? ????, ?? ???? ??? ????? ?? ????????? ????? ?? ??? ??? ??????:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0\AM\Scan]
"DisableScanningNetworkFiles"=dword:1
  5. ??????, ??. reg ????? ?? ??? ?????
  6. ?????? ???????? ??. reg ????? ?? ???? ???? ?? ??? fcslocalpolicytool.exe ?? ????? ????? ???? ??????? ?? ??? ? ????????? ????? ????????? ??? ? ????? Microsoft ??? ???? ?? ?????:
    HTTP://TechNet.Microsoft.com/en-us/library/bb418857.aspx
    (http://technet.microsoft.com/en-us/library/bb418857.aspx)
????? ?? ???? ???? | ??????????? ???

??????

Microsoft ?? ?????? ?? ?? ?? ?? ?? Microsoft ???????? ??? ?? ?????? ?? ?? "???? ???? ???? ???" ?????? ???????? ???..
????? ?? ???? ???? | ??????????? ???

???

???? ID: 971026 - ????? ???????: 29 ??????? 2011 - ??????: 3.0
???? ???? ???? ??:
  • Microsoft Forefront Client Security
??????: 
kbexpertiseinter kbsurveynew kbqfe kbmt KB971026 KbMthi
???? ?????? ????????
??????????: ?? ???? ?? ???? ??????? ?? ????? ?? Microsoft ????-?????? ?????????? ?????? ?????? ???? ??? ??. Microsoft ???? ??? ????-???????? ?? ????-???????? ????? ?????? ?? ???? ???????? ???? ?? ???? ????? ????? ??? ?? ??? ?????? ?? ???? ???? ???? ??? ????? ??. ???????, ????-???????? ???? ????? ???? ???? ???? ???. ?????, ????????, ?????-???? ?? ??????? ?? ???????? ?? ???? ???, ???? ?? ??? ?????? ???? ???? ??? ????? ??? ?? ???? ??. Microsoft ??????? ??? ???? ?? ?????? ?? ??????????, ????????? ?? ??? ?????? ?? ???? ????? ?? ???? ???????? ?? ??? ???? ????? ?? ??? ????????? ???? ??. Microsoft ????-?????? ?????????? ?? ????? ?????? ?? ?? ??? ??.
?????????? ?? ??????? ????????? ??????? ??:971026
(http://support.microsoft.com/kb/971026/en-us/ )
????? ?? ???? ???? | ??????????? ???

??????????? ???

 
????? ?? ???? ????????? ?? ???? ????