Microsoft Re-Releases Forefront Client Security Update on WSUS

Microsoft has re-released an update to the Forefront Client Security on Windows Server Update Services. The refresh went live on WSUS on June 18, 2009, and was designed to integrate with the version 1 of the FCS antimalware engine.

Following launch, the Redmond-based company started to receive feedback from customers that had deployed the update, related to the original FCS (Client Update for Microsoft Forefront Client Security (1.0.1703.0)) being constantly re-offered. On June 20, the software giant fixed the issue, by delivering a revised version of the initial refresh, namely 1.0.1703.0. After the revised older update went live, the re-offering problem was fixed.

“After [the KB971026] update is applied, the initial FCS Client package called ‘Client Update for Microsoft Forefront Client Security (1.0.1703.0)’ on the WSUS server would then be offered to the system. If the Client Update for Microsoft Forefront Client Security (1.0.1703.0) package attempted to install, it would fail as there is already a later version of the FCS Antimalware engine on the system. The Client Update for Microsoft Forefront Client Security (1.0.1703.0) package would then be continually offered and continually fail to install,” informed Shain Wray, Security Technical Lead.

What the software giant did was to update the metadata for the Client Update for Microsoft Forefront Client Security (1.0.1703.0) package. The Redmond-based company mentioned that KB971026 was never at fault for the problem, but that the situation managed to bring to the surface an issue related to the Client Update for Microsoft Forefront Client Security 1.0.1703.0.

“In order to apply this fix, please perform the following. 1. Customers will need to sync their WSUS servers to get the updated metadata. 2. The affected systems will need to have a detection cycle run on the clients in order for the package to stop continually being offered. Please note that the detection cycle will happen automatically within 24 hours or less depending on the automatic updates settings for detection frequency that are set via the policy,” Wray added.