Applies to: Exchange Server 2013
Topic Last Modified: 2012-10-09
Microsoft Exchange Server 2013 administrators can manually download anti-malware engine and definition (signature) updates. We strongly recommend that you download engine and definition updates on your Exchange server prior to placing it in production.
What do you need to know before you begin?
- Estimated time to complete: 5 minutes
- To download updates, your computer must be able to access the
Internet and be able to establish a connection on TCP port 80
(HTTP).
- You can't use the Exchange admin center (EAC) to perform this
procedure. You can only use the Shell.
- You need to be assigned permissions before you can perform this
procedure or procedures. To see what permissions you need, see the
“Anti-malware” entry in the Anti-Spam and
Anti-Malware Permissions topic.
- For information about keyboard shortcuts that may apply to the
procedures in this topic, see Keyboard Shortcuts in
the Exchange Admin Center.
 Tip: |
|---|
| Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection |
Use the Shell to manually download engine and definition updates
To download engine and definition updates, run the following command:
 Copy Code |
|
|---|---|
& $env:ExchangeInstallPath\Scripts\Update-MalwareFilteringServer.ps1 -Identity <FQDN of server> |
|
This example manually downloads the engine and definition updates on a server named mailbox01.contoso.com:
| Copy Code |
|
|---|---|
& $env:ExchangeInstallPath\Scripts\Update-MalwareFilteringServer.ps1 -Identity mailbox01.contoso.com |
|
How do you know this worked?
In order to verify that updates were downloaded successfully, you need to access Event Viewer and view the event log. We recommend that you filter only FIPFS events, as described in the following procedure.
- From the Start menu, click All Programs >
Administrative Tools > Event Viewer.
- In Event Viewer, expand the Windows Logs folder, and
then click Application.
- In the Actions menu, click Filter Current
Log.
- In the Filter Current Log dialog box, from the Event
sources drop-down list, select the FIPFS check box, and
then click OK.
If engine updates were downloaded successfully, you will see Event ID 6033, which will appear similar to the following:
MS Filtering Engine Update process performed a
successful scan engine update.
Scan Engine: Microsoft
Update Path:
http://forefrontdl.microsoft.com/server/scanengineupdate
Last Update time:
2012-08-16T13:22:17.000Z
Engine Version: 1.1.8601.0
Signature Version: 1.131.2169.0