locked
Update forefront vulnerability engine RRS feed

  • Question

  • Forefront Vulnerabilities Engine Deployment Status shows that my machines have old engines. After installing Definition Update for Microsoft Forefront Client Security (Security State Assessment 1.0.1710.103 Full) I still have the engines with an old version.

    I read some articles how to manually update the engine but this have not worked. Can this be done automatically some how?

    Now I have copied the manifest file from the C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\Updates\Patch-1.0.1710.103 folder

    I also copied the dlls to the C:\Program Files\Microsoft Forefront\Client Security\Client\SSA folder.

    Then I restarted the server and editted the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Forefront\Client Security\1.0\SSA and changed the WorkingManifestVersion to  1.0.1710.103

    This however is not something I want to do on 200 machines....

    Wednesday, September 30, 2009 12:46 PM

Answers

  • Do you have the SSA scanning enabled on these systems? If it is not, the latest vulnerability engine will be downloaded by the client, but will not be effectively updated. You can force the client to run a one time only SSA scan by running a full scan from the FCS Server console and selecting the target client machine that's not showing as updated.


    Oguzhan Filizlibay | Security Escalation Engineer | Microsoft EMEA CSS Security
    • Marked as answer by LA1976 Wednesday, February 24, 2010 11:25 AM
    Tuesday, February 16, 2010 9:40 PM
    Moderator

All replies

  • Have you tried Microsoft Update? That should detect the latest engine update and get you the latest installed.
    Oguzhan Filizlibay | Security Escalation Engineer | Microsoft EMEA CSS Security
    Thursday, October 1, 2009 11:41 PM
    Moderator
  • Microsoft update on 200 machines?

    Is there no way to do this automated?
    Friday, October 2, 2009 2:24 PM
  • One machine to test and the results is what I'm interested in to understand if you're actually able to receive the latest engine.
    Oguzhan Filizlibay | Security Escalation Engineer | Microsoft EMEA CSS Security
    Friday, October 2, 2009 3:37 PM
    Moderator
  • Windows update claims that there are no updates.

    Friday, October 9, 2009 11:29 AM
  • I have the use microsoft update selected
    Friday, October 9, 2009 11:35 AM
  • He guys any update ?

    Monday, February 15, 2010 9:08 AM
  • I get the latest manifest installed but it is not updating the files on the machine..

    The key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Forefront\Client Security\1.0\SSA\WorkingManifestVersion contains the old version and also the files have not been updated


    It happens on half of the machines... What should I do?

    Tuesday, February 16, 2010 2:25 PM
  • Do you have the SSA scanning enabled on these systems? If it is not, the latest vulnerability engine will be downloaded by the client, but will not be effectively updated. You can force the client to run a one time only SSA scan by running a full scan from the FCS Server console and selecting the target client machine that's not showing as updated.


    Oguzhan Filizlibay | Security Escalation Engineer | Microsoft EMEA CSS Security
    • Marked as answer by LA1976 Wednesday, February 24, 2010 11:25 AM
    Tuesday, February 16, 2010 9:40 PM
    Moderator