Microsoft Application Virtualization (App-V) stores some virtual application files in a virtual drive implementation, usually labeled as drive letter Q:\. App-V supports detection and remediation of application files on this drive using both real time detection and file scanning technologies, however users must ensure that their anti-malware software is properly configured for virtual application files.
What can users do to protect against malware when using Microsoft App-V technology?
You should run your existing anti-malware software, follow your vendor’s best practices, and make sure that your software and anti-malware definitions are kept up to date. You should make sure that the anti-malware software is configured optimally for App-V. Since not every existing anti-malware solution fully supports App-V, Microsoft recommends that you contact your vendor for assistance with compatibility and configuration options for App-V with your anti-malware software.
Beyond anti-malware software, Microsoft recommends a defense in depth strategy to securing your App-V implementation. More detailed information on securing your App-V deployment is available in the App-V Security Best Practices Guide.
What if my anti-malware vendor doesn’t have a solution for detecting and cleaning malware on drive Q? Your anti-malware vendors should contact their Microsoft liaison.
We also published this same information today in the following KB article:
KB2553775 - Microsoft App-V Anti-malware Software Compatibility
J.C. Hornbeck | System Center Knowledge Engineer
The App-V Team blog: http://blogs.technet.com/appv/ The WSUS Support Team blog: http://blogs.technet.com/sus/ The SCMDM Support Team blog: http://blogs.technet.com/mdm/ The ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/ The SCOM 2007 Support Team blog: http://blogs.technet.com/operationsmgr/ The SCVMM Team blog: http://blogs.technet.com/scvmm/ The MED-V Team blog: http://blogs.technet.com/medv/ The DPM Team blog: http://blogs.technet.com/dpm/ The OOB Support Team blog: http://blogs.technet.com/oob/ The Opalis Team blog: http://blogs.technet.com/opalis The Service Manager Team blog: http: http://blogs.technet.com/b/servicemanager The AVIcode Team blog: http: http://blogs.technet.com/b/avicode The System Center Essentials Team blog: http: http://blogs.technet.com/b/systemcenteressentials The Server App-V Team blog: http: http://blogs.technet.com/b/serverappv