The anti-malware platform will be updated Tuesday April 9, 2013 across multiple products. These products include Forefront Endpoint Protection 2010 and System Center 2012 Endpoint Protection SP1 standalone clients, and the managed versions of both.
The standalone updates will be made available via Microsoft Update and WSUS as Critical Updates. The installation packages are approximately 25MB; WSUS administrators should review auto-approval rules in advance of the April 9 release to avoid any unexpected increase in network traffic.
This anti-malware platform update contains the following improvements:
• Adds new malware remediation functionality to the anti-malware platform.
• Adds anti-tampering improvements to the anti-malware platform.
• Improves overall performance of the anti-malware platform.
Update April 16, 2013
The KB articles for these updates are as follows:
Stand-alone / Unmanaged clients:
KB2831312 An anti-malware platform update for stand-alone Forefront Endpoint Protection 2010 clients is available from Microsoft Update
KB2831316 An anti-malware platform update for stand-alone System Center 2012 Endpoint Protection Service Pack 1 clients is available from Microsoft Update
Managed (by Configuration Manager 2007 for FEP, or by System Center 2012 Configuration Manager for SCEP):
KB2827684 An anti-malware platform update for Forefront Endpoint Protection 2010 clients is available from Microsoft Support
KB2828233 An anti-malware platform update for System Center 2012 Endpoint Protection Service Pack 1 clients is available from Microsoft Support
As noted in the KB articles, these updates may require reboots during installation.
The two stand-alone releases (2831312 and 2831316) were temporarily removed from Microsoft Update on April 10; they will be restored on Wednesday April 17.
This is because of a detection logic issue that was discovered with the Windows Defender platform update made available to Windows 8 clients: http://support.microsoft.com/kb/2781197
The Windows Defender update was being erroneously offered to clients that had the new FEP or SCEP platform updates applied. This led to installation failures of KB2781197 that are misleading, as the update does not actually apply when FEP or SCEP have been updated to the latest platform.
Note that managed customers (using Configuration Manager 2007 or System Center 2012 Configuration Manager) may also see failures when installing update KB2781197 on Windows 8 clients that have the FEP or SCEP platform update applied. These failures can also be ignored and should cease now that the update KB2781197 detection logic is revised (effective April 16).
–The Configuration Manager Team
This posting is provided “AS IS” with no warranties and confers no rights.