Updating the Microsoft Engine when Antimalware is disabled in Exchange 2013


The antimalware feature in Exchange 2013 can be enabled during the installation of Exchange 2013 or any time afterwards if the user did not opt into using it during the installation.

In addition, the antimalware feature can be disabled at any time after it’s enabled by running the following script: Disable-AntimalwareScanning.ps1

If you do not enable the antimalware feature, or have disabled it at a later date, you have subsequently disabled the updating of the Microsoft engine.

The Exchange Transport Rule feature in Exchange 2013 utilizes the Microsoft engine during text extraction for certain predicates. Therefore, even when antimalware scanning is disabled, you still may be utilizing the Microsoft engine for these predicates.

There may be an occasion where an update is put out for the Microsoft engine that is specifically targeted for Exchange Transport Rule functionality. If you’ve disabled the antimalware feature with the script above or never opted into using it then automatic updates for the Microsoft engine are not enabled.  In this case you would not automatically receive this update.

In order to retrieve a Microsoft engine update when you did not enable the antimalware feature on install or had it enabled but subsequently disabled it via the “Disable-AntimalwareScanning.ps1” script you will need to execute the script below which will initiate a Microsoft engine update:

Update-MalwareFilteringServer.ps1 –identity %ServerName%

This script is found at the following location by default: C:\Program Files\Microsoft\Exchange Server\V15\Scripts


Article ID: 2805201 - Last Review: Jan 21, 2013 - Revision: 1