Hotfix Rollup 2 for Forefront Protection for Exchange

http://support.microsoft.com/kb/2181692

Hotfix Download Available
View and request hotfix downloads

New Features

1. A new safety mechanism is being introduced in Rollup 2 for Forefront Protection for Exchange which will restart a Transport scan process if that process encounters more than 5 exceptions. 
   
   In the case that the exception type is specific to a process instance, this safety mechanism will automatically rectify the situation and allow normal operations to continue.
   
   
   More Information
   
   Once you have upgraded to Forefront Protection for Exchange with Service Pack 2, you can use the Set-ExtendedOption Forefront Management Shell cmdlet to change the ExceptionCount. For example, to set the default Exception Count to 2, run this command in the Forefront Management Shell:
   
   Set-ExtendedOption ExceptionCount -value 2
   
   Note that the ExceptionCount extended option applies to the Transport scanjob only.
   
   
2. Forefront Protection for Exchange will now post an alert, if any items are present in the Undeliverable archive folder
   
   Summary
   
   A new Health Point has been introduced to monitor any undeliverable mail that is copied to the %Program Files (x86)%\ Microsoft Forefront Protection for Exchange Server\Data\Archive\Undeliverable folder.
   
   When any messages are present in the Undeliverable folder, or its subfolders, the following reporting mechanisms are activated:
   
   · An “Undeliverable items archived” Health Point error will be logged to the Scanjob Health Monitor, on the Dashboard of the Forefront Protection for Exchange Administrator UI.
   · An 8056 event ID will be written to the application event log, warning that “X messages have been archived and purged due to an error while scanning, where X represents the number of messages that have been archived. Please ensure that mail is not queuing.
   
   More Information
   
   The Undeliverable folder is used to archive mail that cannot be processed properly by Forefront Protection for Exchange’s Transport scanjob. Any mail in this folder or subfolders encountered a serious scanning issue and could not be delivered to the intended recipient(s). The mail is archived so that the administrator at least has a copy of the original
   
   
3. Forefront Protection for Exchange now collects URL count data
   
   Summary
   
   Forefront Protection for Exchange now collects the following data for analysis by Microsoft:
   
   ·         Total number of mails per hour ()
   
   ·         Total number of URLs per hour
   
   ·         Number of mails with one or more URLs per hour
   
   ·         The local server's time zone
   
   More Information
   
   For more details about the data collected, please see the “Customer Experience Improvement Program” section in the Microsoft Forefront Protection for Exchange Privacy Statement: Privacy Statement (http://download.microsoft.com/download/4/A/D/4AD09FEE-A550-4D55-B902-B521B99DB672/Microsoft%20Forefront%20Server%20Protection%202010%20Privacy%20Statement%20en-US.htm)
   
   
4. Forefront Protection for Exchange Hotfix Rollup 2 allows for the FSEAgent Log size to be increased
   
   Summary
   
   The FSEAgent logs keep a record of the results of each scan Forefront takes on each message it scans on the Transport specific to anti-spam and filtering results. Previous to FPE Hotfix Rollup 2, the FSE Agent Log had a max size of 350 megabytes. This threshold can now be increased.
   
   
   More Information
   
   In order to increase the size of the FPE Agent Log, please follow these directions:
   
   1.) Open the FPE Powershell
   2.) Create a new extended option: New-FseExtendedOption -Name AgentLogDirMaxSize -Value 500
   3.) Restart the Exchange Transport service
   
   Please note, the above directions use 500 (megabytes) as an example. The number here represents megabytes and has no limit. You can define any size limit you want.
   
   The FSEAgent Logs are found in the following directory: %Program Files (x86)%\Microsoft Forefront Protection for Exchange Server\Data\FSEAgentLog folder
   
   
5. The FSCDiag in Forefront Protection for Exchange Hotfix Rollup 2 now collects dump files on Windows Server 2008
   
   Summary
   
   The FSCDiag is used to collect diagnostic information for Forefront Protection for Exchange. By applying hotfix rollup 2, it will now collect any existing dump files as well on Windows Server 2008
   
   
6. You can now customize deletion text when Forefront Protection for Exchange tags mail as “EncryptedCompressedFIle” or “CorruptedCompressedFIle”
   
   Summary
   
   Forefront’s deletion text for “EncryptedCompressedFile” or “CorruptedCompressedFile” was hardcoded.
   
   Forefront Protection for Exchange Rollup 2 will now use the deletion text as defined by the administrator under the following panes of the administrative console:
   
   Realtime
   
   Policy Management- Antimalware: Mailbox Realtime [Edit Malware Deletion Text]
   
   Transport
   
   Policy Management- Antimalware: Mailbox Transport [Edit Malware Deletion Text]
   
   
7. Forefront Protection for Exchange Hotfix Rollup 2 now has support for enhanced deflate type compression within ZIP files
   
   Summary
   
   Prior to Hotfix Rollup 2, FPE categorized files with enhanced deflate type compression as CorruptedCompressed.
   
   
8. Forefront Protection for Exchange Hotfix Rollup 2 Support supports version 8 of the Kaspersky antivirus engine
   
   Summary
   
   Forefront Protection for Exchange Hotfix Rollup 2 Support installs and utilizes version 8 of the Kaspersky antivirus engine.