- Microsoft Update or Windows Server Update Services (WSUS) through Automatic Updates
- The stand-alone installer package
- File-copy deployment
When you use the file-copy deployment method, the anti-malware service is notified when the new files are copied into the update folder, and then the service begins the update process.
The update process consists of the following steps:
- Makes sure that there is only one update occurring at a time.
- Creates a new update folder that has a unique identifier (GUID) name in the following directory:%AllUsersProfile%\Application Data\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\Definition Updates
- Copies the new files to this location.
- Copies files from the current configuration that are newer than the corresponding files in the new location or that are not present in the new location. This enables the delta update scenario.
- Verifies consistency between the engine and the definition files. Also verifies that the new versions are later or equal to the current versions.
- Copies the current engine and definition files to the following Backup directory:%AllUsersProfile%\Application Data\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\Definition Updates\Backup
- Updates the definition information in the registry. This includes the new location timestamps and the version information.
- Starts the new engine and begins routing scan requests.
- Unloads the old engine when all active requests for the old engine are completed.
- Removes the GUID-named directory for the old engine.
Article ID: 953523 - Last Review: Apr 6, 2012 - Revision: 1