Forefront Endpoint Protection Blog

All the latest news and information on Forefront Client Security, Forefront Endpoint Protection and System Center Endpoint Protection 2012

Browse by Tags

Related Posts
  • Blog Post: Scanning email archives

    Continuing in the registry key series, let’s talk about DisableEmailScanning . By default, the antimalware engine included with FCS will not scan email archives (email archives are file-based containers that contain email messages). FCS is an enterprise-level product – and in an enterprise...
  • Blog Post: Setting a process exclusion in your network

    Trust me, one of these days you will need to exclude a process from being scanned by FCS. Or maybe you already crossed that bridge. You added a process exclusion using the GUI, it worked like a charm. As you need to have this exclusion set on all your systems, you opened the FCS console and edited...
  • Blog Post: Scanning reparse points

    Next in our series: how to enable scanning of reparse points , also known as junctions , or mount points . (For more information about what exactly reparse points, junctions and mount points are , see http://msdn.microsoft.com/en-us/library/aa365006(VS.85).aspx and http://msdn.microsoft.com/en...
  • Blog Post: Changes to FCS Client WSUS Installation package

    Using WSUS is likely the easiest and most popular way to deploy the FCS client to computers. As described in the deployment guide , after deploying FCS policy and approving the package Client Update for Microsoft Forefront Client Security (1.0.1703.0) on your WSUS 2.0 or 3.0 server, the FCS client is...
  • Blog Post: Checking for definition updates when starting

    Next up in our registry key series: enabling definition updates upon service start. By default (out of box), the FCS client will check for definition updates: Before starting a scan At the configured interval Manually However, there is a registry key available that you can use to...
  • Blog Post: Wildcards in path exclusions: FCS

    Since the August 2009 antimalware engine update we support wildcards in path exclusions for on-demand scans (quick/full/custom scan). It is important to note that Wildcards in path exclusions will not work for Real Time Protection and will be ignored (this does not apply to extension exclusions)....
  • Blog Post: Miscellaneous Real Time agent keys

    The final installment in our series on registry keys for FCS is a big one – there are a lot of registry keys that can be used to control the behavior of the FCS real-time protection agent. The following tables describe the keys (these are in addition to the ones described here and here , in...
  • Blog Post: Tools anyone?

    Did you know that Microsoft has an open source hosting website? Codeplex ( www.codeplex.com ) is a Microsoft website that hosts customer-driven projects, and allows customer collaboration on these projects. The cool thing about Codeplex is that it allows YOU, our customers, to share your FCS solutions...
  • Blog Post: Client Security slow logon issue

    After installing the most recent antimalware update ( KB971026 ), some Client Security customers have reported that their managed Windows XP SP2 and SP3 clients take longer to logon after a reboot. Our support and sustained engineering teams have researched this issue and wanted to provide additional...
  • Blog Post: Setting definition update keys via policy

    Next up in our registry key series: setting definition update keys via policy. On the FCS TechNet library, the following registry key is described: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Forefront\Client Security\1.0 Description Registry Key New value when...
  • Blog Post: Scanning removable drives

    In response to a recent question via this blog, I’d like to explain a setting for antimalware scanning in Forefront Client Security that you can configure via a registry key. FCS scans removable drives at certain times. When you insert a removable drive, the boot sector of that drive is scanned...
  • Blog Post: FCS KB 976668 and 976669 fail to install on Windows 2000 when the installation is run as Local System

    We’re tracking an issue where the latest FCS antimalware client update won’t install on Windows 2000 when the installation is run as Local System (i.e. Automatic Updates installing at 3am). When this issue occurs, the update uninstalls the previous version of the antimalware client, and then tries...
  • Blog Post: Understanding how Forefront Client Security responds to potentially unwanted software

    Analysts at the Microsoft Malware Protection Center ( MMPC ) apply objective criteria to software to determine if it should be classified as malicious or potentially unwanted. When software is classified as malicious or potentially unwanted, Microsoft adds it to a definition library used by Client Security...