Kaspersky Security 10.1.1 for Windows Server (version 10.1.1.746): commercial release

Kaspersky Security 10.1.1 for Windows Server was released on November 13, 2018. The full version number is 10.1.1.746.

What's new

• Support for new versions of Microsoft Windows operating systems.
  • Self-defense mechanisms based on ELAM and PPL technologies: now when the application is installed, it automatically registers an ELAM driver that makes it possible to start the Kaspersky Security service (kavfs.exe) with the Protected Process Light attribute. This makes it possible to bolster the application's self-defense and prevent a broad range of attacks. The functionality is available when the application is installed on computers running Microsoft Windows Server 2016 and higher.
  • Support for checking and processing cloud files stored in Microsoft OneDrive.
• Improved installation package subsystem capabilities. Now you can indicate which installation files can pass the trusted installation package attribute for the entire chain of files extracted from them. This makes it possible to increase the stability of the software installation processes on a server with enabled Applications Launch Control, but it also increases the scope for a potential attack by increasing the number of authorized application launches. We recommend using the parameter during complex software deployments, including when the server must be restarted during the software distribution process.
• Integration with WMI tools. Now when the application is installed, a Kaspersky Security namespace is automatically created in the WMI root namespace on the local computer. You can use client solutions that support WMI queries to obtain data about the application and its components.
• Support for AMSI interfaces. Use of AMSI technology, which is integrated in Microsoft Windows, has enabled the improvement of the mechanism for intercepting script launches on the server. The stability of the Script Monitoring task is improved, the application’s influence on the environment is reduced when intercepting scripts and blocking them if threats are detected, and the task scope is significantly expanded – now the Script Monitoring component works not only with scripts in JS and VBS files, but also PS1 files. The functionality is available when the Script Monitoring component is installed on servers running Microsoft Windows Server 2016.
• The format for displaying information about the application and its components has been expanded with the KAVSHELL OMSINFO command. Now you can get information about the status of the Applications Launch Control task as well as information about installed critical updates of application modules.
• The mechanisms for detecting and isolating active viruses have been improved:
  • Now the application detects fileless threats: viruses that have been started in the RAM and lack bodies on the disk.
  • The mechanisms for processing active viruses when they are detected have been fixed. The application now correctly terminates the infected processes.
  • It is now possible to configure a list of processes to be considered critical for the operating system. The application will not kill these processes when an active infection is detected. For details, see this article.
• A feature has been implemented for configuring parameters for using the AccessTime attribute for files scanned by the On-Demand Scan task. By default, the application restores the last access time of a file (the AccessTime attribute) after it has been scanned. Now you can use the Microsoft Windows Registry to disable restoration of the AccessTime attribute if this mechanism is causing false positives for backup systems. For details, see this article.
• Improved capabilities for managing and monitoring application state using the Compact Diagnostic Interface.
  • Now you can review the statistics counters for installed components on the Statistics tab of the Compact Diagnostic Interface.
  • The password is not required upon accessing the Compact Diagnostic Interface, even if the password-protection feature is on: the application limits access to the information and control elements that are available in the Compact Diagnostic Interface basing only on the specified user permissions for the application management.

For more information about the relesae of Kaspersky Security 10.1.1 for Windows Server, see this article.