Microsoft Application Virtualization (App-V) stores some virtual application files in a virtual drive implementation, usually labeled as drive letter Q:\. App-V supports detection and remediation of application files on this drive using both real time detection and file scanning technologies, however users must ensure that their anti-malware software is properly configured for virtual application files.
What can users do to protect against malware when using Microsoft App-V technology?
You should run your existing anti-malware software, follow your vendor’s best practices, and make sure that your software and anti-malware definitions are kept up to date. You should make sure that the anti-malware software is configured optimally for App-V. Since not every existing anti-malware solution fully supports App-V, Microsoft recommends that you contact your vendor for assistance with compatibility and configuration options for App-V with your anti-malware software.
Beyond anti-malware software, Microsoft recommends a defense in depth strategy to securing your App-V implementation. More detailed information on securing your App-V deployment is available in the App-V Security Best Practices Guide.
What if my anti-malware vendor doesn’t have a solution for detecting and cleaning malware on drive Q?
Your anti-malware vendors should contact their Microsoft liaison.
We also published this same information today in the following KB article:
KB2553775 – Microsoft App-V Anti-malware Software Compatibility
J.C. Hornbeck | System Center Knowledge Engineer
The App-V Team blog: http://blogs.technet.com/appv/
The WSUS Support Team blog: http://blogs.technet.com/sus/
The SCMDM Support Team blog: http://blogs.technet.com/mdm/
The ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/
The SCOM 2007 Support Team blog: http://blogs.technet.com/operationsmgr/
The SCVMM Team blog: http://blogs.technet.com/scvmm/
The MED-V Team blog: http://blogs.technet.com/medv/
The DPM Team blog: http://blogs.technet.com/dpm/
The OOB Support Team blog: http://blogs.technet.com/oob/
The Opalis Team blog: http://blogs.technet.com/opalis
The Service Manager Team blog: http: http://blogs.technet.com/b/servicemanager
The AVIcode Team blog: http: http://blogs.technet.com/b/avicode
The System Center Essentials Team blog: http: http://blogs.technet.com/b/systemcenteressentials
The Server App-V Team blog: http: http://blogs.technet.com/b/serverappv