This article describes an anti-malware platform update package for the following clients:
Microsoft System Center 2012 R2 Configuration Manager Endpoint Protection Service Pack 1 (SP1) clients
Microsoft System Center 2012 R2 Configuration Manager Endpoint Protection clients
Microsoft System Center 2012 Endpoint Protection Service Pack 2 (SP2) clients
Microsoft System Center 2012 Endpoint Protection Service Pack 1 (SP1) clients
System Center Configuration Manager, current branch
These packages update Endpoint Protection client services, drivers, and user interface (UI) components.
Microsoft regularly releases anti-malware platform updates to guarantee consistency in protection, performance, robustness, and usability in a malware landscape that's constantly changing. This update package is dated September 2016.
This anti-malware platform update contains the following improvements:
Better support for Proxy Pac usage for Microsoft Active Protection Service (MAPS) and Cloud-protection connectivity
Improved MAPS reliability and additional support to MAPS for proxy auto-configuration. Administrators can configure the URL of a proxy .pac file that System Center Endpoint Protection (SCEP) or Windows Defender's MAPS reporting by setting the Define proxy auto-config (.pac) for connecting to the network Group Policy setting in the ADMX Group Policy object that's included in this update. This Group Policy setting is located under Computer Configuration/Administrative Templates/Windows Components/Endpoint Protection. If administrators enable this setting, SCEP or Windows Defender will use the specified proxy .pac file for its proxy configurations. Otherwise, administrators can disable it or leave it blank.
Note The expected URL format for the specified proxy .pac file is https://example_server/example_file.pac.
The Microsoft anti-malware platform previously introduced the Network Real-time Inspection (NRI) feature for augmenting the network detection capabilities of the anti-malware client. By default, the existing Network Inspection System feature was disabled because of the potential performance impact it may have on systems. This triggered an internal shift in investment to focus only on NRI capabilities and signatures. As there has not been an active NIS signature in more than five years, the capabilities and control surface for NIS are removed from Endpoint Protection with this update.
How to obtain this update
This update is available from Microsoft Update.
Anti-malware platform updates for stand-alone System Center 2012 R2 clients and System Center 2012 clients are available from Microsoft Update.
You may have to restart the computer after you apply this update.
Note We recommend that you close Configuration Manager Administration Console before you install this update package.
Update replacement information
This update replaces the following update:
3153224 Revised March 2016 anti-malware platform update for Endpoint Protection clients
This update brings the anti-malware client version to 220.127.116.11. To find the version information, click About on the Help menu of the Endpoint Protection client user interface.
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Define proxy auto-config (.pac) for connecting to the network
This policy setting defines the URL of a proxy .pac file that should be used when the client tries to connect to the network for definition updates and MAPS reporting. If the proxy auto-configuration fails or if there is no proxy auto-configuration specified, the client will fall back to the alternative options (in the following order):
Proxy server (if it is specified)
Proxy .pac URL (if it is specified)
Internet Explorer proxy settings
If you enable this setting, the proxy setting will use the specified proxy .pac file according to the order specified.
If you disable or do not configure this setting, the proxy will skip over this fallback step according to the order specified.