This article describes an anti-malware platform update package for Microsoft Forefront Endpoint Protection 2010 clients. This package updates Endpoint Protection client services, drivers, and user interface components.
Microsoft regularly releases anti-malware platform updates to guarantee consistency in protection, performance, robustness, and usability in a malware landscape that is constantly changing. This update package is dated August 2013.
This anti-malware platform update contains the following improvements:
Updates the platform to network real-time behavior monitoring functionality
Provides a new protection capability that combines suspicious network activity with other suspicious behavior monitoring already included in the product triggering telemetry and sample submission for suspicious files that may require further analysis.
For information about how to configure this feature, see the following Microsoft DevCenter website:
Adds anti-tampering functionality to reduce the risk that malware will disable or bypass anti-malware scanning
For example, access to registry and services used by the anti-malware platform can only be managed directly through supported (trusted channels) administrative options through the System Center Configuration Manager console.
Improves overall performance of the anti-malware platform compared to previous platform versions
Improvements are made for signatures that are delivered through the Microsoft Active Protection Service (MAPS). These changes contain no configurable or customer-facing effects.
For more information about MAPS, see the following Microsoft TechNet website:
Adds more language support to the anti-malware platform
New supported languages include the following:
Chinese (Hong Kong SAR) (zh-HK)
Chinese (PRC) (zh-CN)
Chinese (Taiwan) (zh-TW)
Portuguese (Brazil) (pt-BR)
Adds a configurable automatic sample submission option
By default, if your computer is opted in to MAPS, you may be prompted to send suspicious files to Microsoft for further analysis. This update enables new configuration options for this sample collection by providing an option to automatically send such files as .exe files without you being prompted. Be aware that all files that potentially contain personally identifiable information will continue to prompt you.
Notes about this option
This option includes an updated Microsoft Software License Terms and Privacy statement that discusses this functionality.
This option setting is configurable through Windows Management Instrumentation (WMI).
This option currently provides no user-configurable capability in the System Center Configuration Manager console or the Administrative Template (.admx) files.
This option requires MAPS membership.
For policy configuration information, see the following Microsoft Forefront website:
This update brings the antimalware client version to 126.96.36.199. You can find the version information by clicking About on the Help menu of the Endpoint Protection client user interface.
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.