Updating the anti-malware database and updatable modules on a regular basis ensures that Kaspersky Scan Engine provides a consistent level of security. For information on the recommended frequency for updates, see section "Best practices for database updates".
To update the database and modules, you must have a valid KEY file or an activation code for Kaspersky Scan Engine.
When the anti-malware database and modules are updated, the encrypted User-Agent string of Kaspersky Scan Engine is transferred to Kaspersky. For the list of transferred data, see section "Data transferred to Kaspersky during an update".
Kaspersky Scan Engine supports the following methods of updating:
This method does not require any additional software to be installed.
This is the recommended method of updating.
You can use Updater SDK to download updates and to create mirror servers for updates.
Updater SDK, including the documentation on Updater SDK API, is delivered as a separate package.
This method is not recommended.
Updating by using the built-in functionality of Kaspersky Scan Engine
To configure regular updates by using the built-in functionality of Kaspersky Scan Engine:
Updating by using Updater SDK
Updater SDK allows you to update Kaspersky Scan Engine and to create mirrors that keep your own copies of updates for updatable modules and the anti-malware database downloaded from the Kaspersky update servers. These mirrors can be deployed within the boundaries of a local enterprise network, allowing you to retrieve updates once, and then redistribute the updates to multiple endpoints within the local network and without having to contact the Kaspersky update servers each time. You can also use Updater SDK to download the updated anti-malware database to computers with Kaspersky Scan Engine installed.
For more information about updating with Updater SDK, see the Updater SDK documentation. You can get the Updater SDK documentation from the person at Kaspersky who provided you with the Kaspersky Scan Engine distribution kit.
Manual updating
You can run an update manually in the following ways:
Manual updating is not recommended.
About the update procedure
Updates are available through the Kaspersky update servers, which are dedicated servers on the Internet operated by Kaspersky that have the most recent versions of files provided by Kaspersky. Kaspersky Scan Engine can also download updates from mirror servers created with Updater SDK.
When the update is performed from the Kaspersky infrastructure, data is transmitted over a secure channel. The HTTPS (TLS) protocol can be used. The protocol to use is selected by the Kaspersky infrastructure.
The following data is downloaded during the update procedure of Kaspersky Scan Engine:
Malware definitions store malware signature data. Scanning components of Kaspersky Scan Engine use these definitions for detection.
Updatable modules implement enhanced detection methods in Kaspersky Scan Engine.
Updates are performed by using a differential updating technique. This technique allows Kaspersky Scan Engine to update files by downloading only the part of the file that has changed since the last update.
Getting information about the current anti-malware database
You can get information about the current anti-malware database in the following ways:
kavicapd service by using the status command (in ICAP mode).