Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Forefront Client Security anti-malware client update: March 2011

Forefront Client Security anti-malware client update: March 2011

Introduction

This article describes the Microsoft Forefront Client Security (FCS) anti-malware client issues that are resolved in the March 2011 update package.

Issues that this hotfix package resolves

Issue 1

Computers that are running Forefront Client Security (FCS) and that frequently operate on battery power do not update definitions at the scheduled time.
Resolution
This update contains changes for Forefront Client Security (FCS) to let a computer that operates on battery power update definitions at the scheduled time.

↑ Back to the top

Issue 2

You cannot open a file that is encrypted by Prim'X ZoneCentral and that is located in a network shared folder on a computer that is running Forefront Client Security (FCS).
Resolution
The installer for this update package sets the AttachWhenLoaded registry value for the Windows Filter Manager to 1 on certain operating systems. For more information about the AttachWhenLoaded registry value and the applicable operating systems, visit the following MSDN website:
General information about the AttachWhenLoaded registry value and the applicable operating systems


Issue 3

Some real-time protection errors occur on computers that are running Windows 2000 Server and that use Forefront Client Security (FCS).
Resolution
This update changes MpFilter.sys to resolve this issue and to replace the update that is described in the following article:
2459065 Real-time protection fails on Windows 2000 after you apply the Forefront Client Security October 2010 update

↑ Back to the top

More Information

Hotfix information

A supported hotfix is available from Microsoft.

Note This hotfix is available from Microsoft Update and from Windows Server Update Services (WSUS). If you want to obtain the hotfix for deployment by using a different method, follow these steps:
  1. Visit the following Microsoft Update Catalog website:
    http://catalog.update.microsoft.com/v7/site/Home.aspx
  2. Type 2508823 in the Search box, and then click Search.
  3. Click Add to add the hotfix to the basket.
  4. Click Download.
  5. Click Browse, specify a folder for the file that you want to download, and then click OK.
  6. Click Continue, and then click I Accept to accept the Microsoft Software License Terms.
  7. When the update is downloaded to the folder that you specified, click Close.

Prerequisites

There are no prerequisites for installing this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix replaces the anti-malware client that is deployed by using the Forefront Client Security deployment package (1.0.1725.0).
2394439 Forefront Client Security deployment package (1.0.1728.0): October 2010
This hotfix replaces the following hotfixes:
2394433 Forefront Client Security antimalware client update: October 2010
2459065 Real-time protection fails on Windows 2000 after you apply the Forefront Client Security October 2010 update
979536 Forefront Client Security anti-malware client update: April 2010
976668 Forefront Client Security anti-malware client update: December 2009
971026 A hotfix is available to resolve some problems with the Forefront Client Security anti-malware client

952265 Data corruption may occur on a computer that has Forefront Client Security installed

938054 A hotfix is available to resolve some problems with the Forefront Client Security client

956280 The Forefront Client Security kernel-mode mini-filter unloads when you browse a network file share that contains many malicious files

File information

The English version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Forefront Client Security, x86-based versions
File nameFile versionFile sizeDateTime
Amhelp.chmNot Applicable65,21619-Jul-201000:51
Mpasbase.vhd1.0.0.0572,72019-Jul-201000:52
Mpasdesc.dll1.5.1996.049,02402-Feb-201116:42
Mpasdlta.vhd1.0.0.09,00819-Jul-201000:52
Mpavbase.vhd1.0.0.0204,62419-Jul-201000:52
Mpavdlta.vhd1.0.0.09,04019-Jul-201000:52
Mpavrtm.dll1.5.1996.0128,38402-Feb-201116:23
Mpclient.dll1.5.1996.0367,48802-Feb-201116:23
Mpcmdrun.exe1.5.1996.0349,06408-Jan-201122:06
Mpengine.dll1.1.3520.03,308,62419-Jul-201000:52
Mpevmsg.dll1.5.1996.023,42402-Feb-201116:42
Mpfilter.sys1.5.1996.071,29602-Feb-201116:14
Mpoav.dll1.5.1996.092,03202-Feb-201116:23
Mprtmon.dll1.5.1996.0731,00802-Feb-201116:23
Mpsigdwn.dll1.5.1996.0129,92002-Feb-201116:23
Mpsoftex.dll1.5.1996.0518,01602-Feb-201116:23
Mpsvc.dll1.5.1996.0319,87202-Feb-201116:23
Mputil.dll1.5.1996.0177,02402-Feb-201116:23
Msascui.exe1.5.1996.01,033,60002-Feb-201116:23
Msmpcom.dll1.5.1996.0221,05602-Feb-201116:23
Msmpeng.exe1.5.1996.016,89608-Jan-201122:06
Msmplics.dll1.5.1996.09,08802-Feb-201116:23
Msmpres.dll1.5.1996.0766,33602-Feb-201116:42

Forefront Client Security, x64-based versions
File nameFile versionFile sizeDateTime
Amhelp.chmNot Applicable65,21619-Jul-201000:51
Mpasbase.vdm1.0.0.0572,72019-Jul-201000:52
Mpasdesc.dll1.5.1996.049,53602-Feb-201118:18
Mpasdesc.dll (x86 directory)1.5.1996.049,02402-Feb-201116:42
Mpasdlta.vdm1.0.0.09,00819-Jul-201000:52
Mpavbase.vdm1.0.0.0204,62419-Jul-201000:52
Mpavdlta.vdm1.0.0.09,04019-Jul-201000:52
Mpavrtm.dll1.5.1996.0155,00802-Feb-201117:58
Mpclient.dll1.5.1996.0547,71202-Feb-201117:58
Mpclient.dll (x86 directory)1.5.1996.0367,48802-Feb-201116:14
Mpcmdrun.exe1.5.1996.0504,62408-Jan-201123:46
Mpengine.dll1.1.3520.04,431,95219-Jul-201000:52
Mpevmsg.dll1.5.1996.023,42402-Feb-201118:18
Mpfilter.sys1.5.1996.091,52002-Feb-201116:14
Mpoav.dll1.5.1996.0117,63202-Feb-201117:58
Mpoav.dll (x86 directory)1.5.1996.092,03202-Feb-201116:14
Mprtmon.dll1.5.1996.01,181,05602-Feb-201117:58
Mpsigdwn.dll1.5.1996.0179,58402-Feb-201117:58
Mpsoftex.dll1.5.1996.0791,42402-Feb-201117:58
Mpsvc.dll1.5.1996.0438,65602-Feb-201117:58
Mputil.dll1.5.1996.0247,16802-Feb-201117:58
Mputil.dll (x86 directory)1.5.1996.0177,02402-Feb-201116:14
Msascui.exe1.5.1996.01,636,73602-Feb-201117:58
Msmpcom.dll1.5.1996.0305,53602-Feb-201117:58
Msmpeng.exe1.5.1996.016,38408-Jan-201123:46
Msmplics.dll1.5.1996.09,08802-Feb-201117:58
Msmplics.dll (x86 directory)1.5.1996.09,08802-Feb-201117:58
Msmpres.dll1.5.1996.0764,28802-Feb-201118:18

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

More Information

This update is included in a new slipstream installation package of the Forefront Client Security client software. For more information about the slipstream installation package, click the following article number to view the article in the Microsoft Knowledge Base:
2508824 Forefront Client Security deployment package (1.0.1736.0): March 2011

↑ Back to the top



Known Issues

Microsoft has identified an issue when this update is installed on Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2, that may cause the antimalware agent to be removed when using the Windows install updates and shut down feature to apply this update. For more information on this issue see the following article:

2524280 Antimalware agent is removed after you apply Forefront Client Security March 2011 update when using install updates and shut down


↑ Back to the top

Keywords: kbqfe, kbhotfixserver, kbfix, kbexpertiseinter, kbsurveynew, fep2010swept, kb

↑ Back to the top

Article Info
Article ID : 2508823
Revision : 3
Created on : 3/30/2017
Published on : 3/30/2017
Exists online : False
Views : 128