Distribution Component

Back in October, the Forefront Client Security product team made an announcement that WSUS 3.0 on 64bit OS would be a supported scenario and to not install the Distribution component on 64bit Operating systems. “Also, we are announcing support for definition distribution via WSUS 3.0 installed on an x64-based platform. To support this configuration, the…


After install of KB971026 for FCS, the full Client package for FCS is re-offered from WSUS

Yesterday Microsoft released KB971026 which is an update to the FCS Antimalware engine.  This update installs successfully without issues.  However, after this update is applied, the initial FCS Client package called “Client Update for Microsoft Forefront Client Security (1.0.1703.0)” on the WSUS server would then be offered to the system.  If the Client Update for Microsoft…

1

Understanding catch-up scans

A catch-up scan is a scan that is initiated because a regularly scheduled Forefront Client Security antimalware scan was missed.  Usually these scheduled scans are missed because the computer was turned off at the scheduled time.  The FCS documentation at http://technet.microsoft.com/en-us/library/bb418896.aspx states: Scheduled malware scans enable you to choose the time of day when the…


Testing FCS antimalware detection with your own library

During evaluation of the Forefront Client Security antimalware protection many customers will review the information provided by independent antimalware testers such as http://www.av-test.org/ http://www.virusbtn.com/ http://www.av-comparatives.org/ (When reading these sites, note that Microsoft’s Forefront Client Security and OneCare products use the same malware protection engine and definitions) Other customers may want to test FCS detection capabilities…


Slipstreaming a Client Security client installation

As I mentioned in my previous blog posting, there have been several updates to the FCS antimalware client since its release. Through traditional deployment methods you will install the release to manufacturing components(RTM) of the FCS client which has no updates and extremely limited detection capabilities. At installation, the client has the base 1.0.0.0 antimalware…