Microsoft is aware of an issue with the Microsoft AV engine not updating on some installations of Antigen and Forefront Server Security products. Not all installations of the products are experiencing this issue, however all products may be affected.
The issue arose because the aveMicrosoft.dll in one of the Microsoft AV engine updates was marked as hidden, causing all subsequent updates to fail when attempting to delete this file. When that occurs, the engine is rolled back. This means that installations experiencing this problem are running with an outdated version of the Microsoft AV engine.
To correct this problem, browse to the Microsoft AV engine folder (Install Path \ Exchange Server \ Engines \x86 \Microsoft ) and un-hide the “bin\aveMicrosoft.dll” file. You must then either manually update the Microsoft AV engine by clicking the Update Now button in Scanner Updates or allow the engine to be updated as scheduled. You do not need to shut down or recycle any services, but you will need to configure Windows Explorer to view Hidden Files.
While Microsoft has corrected the hidden file since the initial occurrence of this issue, the only way to correct an installation that is in this state is to do so manually by following the steps above. Microsoft will not be providing any hotfixes, engine updates, or program fixes to automatically correct this issue.
CSS Security Support Engineer (Antigen/Forefront Server Security) - Long Island