As you may be aware, after our recent announcement regarding the Microsoft Anti-Malware Platform Update, the two stand-alone releases (KB2831312 and KB2831316) were temporarily removed from Microsoft Update on April 10. This was because of a detection logic issue that was discovered with the Windows Defender platform update made available to Windows 8 clients (see http://support.microsoft.com/kb/2781197). The Windows Defender update was being erroneously offered to clients that had the new FEP or SCEP platform updates applied, leading to installation failures of KB2781197 that were misleading as the update does not actually apply when FEP or SCEP have been updated to the latest platform.
This has been addressed and these updates will be restored on Wednesday April 17 (today).
The KB articles for these updates are as follows:
Stand-alone / Unmanaged Clients:
KB2831312 - An anti-malware platform update for stand-alone Forefront Endpoint Protection 2010 clients is available from Microsoft Update (http://support.microsoft.com/kb/2831312)
KB2831316 - An anti-malware platform update for stand-alone System Center 2012 Endpoint Protection Service Pack 1 clients is available from Microsoft Update (http://support.microsoft.com/kb/2831312)
Managed Clients (by Configuration Manager 2007 for FEP, or by System Center 2012 Configuration Manager for SCEP):
KB2827684 - An anti-malware platform update for Forefront Endpoint Protection 2010 clients is available from Microsoft Support (http://support.microsoft.com/kb/2827684)
KB2828233 - An anti-malware platform update for System Center 2012 Endpoint Protection Service Pack 1 clients is available from Microsoft Support (http://support.microsoft.com/kb/2828233)
As noted in the KB articles, these updates may require reboots during installation.
Note that managed customers (using Configuration Manager 2007 or System Center 2012 Configuration Manager) may also see failures when installing update KB2781197 on Windows 8 clients that have the FEP or SCEP platform update applied. These failures can be ignored and should cease now that the update KB2781197 detection logic has been revised.
J.C. Hornbeck | Knowledge Engineer | Microsoft GBS Management and Security Division
Get the latest System Center news on Facebook and Twitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/ System Center – Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/ System Center – Data Protection Manager Team blog: http://blogs.technet.com/dpm/ System Center – Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/ System Center – Operations Manager Team blog: http://blogs.technet.com/momteam/ System Center – Service Manager Team blog: http://blogs.technet.com/b/servicemanager System Center – Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
Windows Intune: http://blogs.technet.com/b/windowsintune/ WSUS Support Team blog: http://blogs.technet.com/sus/ The AD RMS blog: http://blogs.technet.com/b/rmssupp/
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/ The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/ The Forefront TMG blog: http://blogs.technet.com/b/isablog/ The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
A file quarantined by Forefront Endpoint Protection 2010 (FEP 2010) or System Center 2012 Endpoint Protection (SCEP 2012) may be restored to an alternative location by using the MPCMDRUN command-line tool. The syntax is explained in the article below:
KB2834037 - How to restore files quarantined by Endpoint Protection to an alternative location (http://support.microsoft.com/kb/2834037)
App-V Team blog: http://blogs.technet.com/appv/ MED-V Team blog: http://blogs.technet.com/medv/ Server App-V Team blog: http://blogs.technet.com/b/serverappv
We just published a new KB article that explains an issue where you receive error 0x80248014 when trying to manually update the antimalware definitions on a Win8 computer running FEP 2010 or SCEP 2012 installed. You can find the complete article here:
KB2832355 - Updating the antimalware definitions in FEP/SCEP fails with error 0x80248014 (http://support.microsoft.com/kb/2832355)
The anti-malware platform will be updated Tuesday April 9, 2013 across multiple products. These products include Forefront Endpoint Protection 2010 and System Center 2012 Endpoint Protection SP1 standalone clients, and the managed versions of both. For all the details please see the following:
Announcement: Microsoft Anti-Malware Platform Update (http://blogs.technet.com/b/configmgrteam/archive/2013/04/05/announcement-microsoft-anti-malware-platform-update.aspx)
Just a quick note on a new Knowledge Base article we just published on SCEP 2012. This article discusses an issue where in a very specific scenario, clicking the Update button in the System Center 2012 Endpoint Protection client user interface fails with error 0x8024402c. See the KB article below for details:
KB2831244 - Clicking the Update button in the System Center 2012 Endpoint Protection client user interface fails with error 0x8024402c (http://support.microsoft.com/kb/2831244)
J.C. Hornbeck | Knowledge Engineer | Microsoft CTS Management and Security Division