Limitations and warnings

Kaspersky Small Office Security has a number of limitations that are not critical to operation of the application.

Limitations on upgrades from a previous version of the application

The application can be upgraded if the following versions of Kaspersky Small Office Security are installed on your computer:

• Kaspersky Small Office Security 2
• Kaspersky Small Office Security 3
• Kaspersky Small Office Security 4

Upgrading from Kaspersky Small Office Security has the following limitations:

• When a previous version of Kaspersky Small Office Security is upgraded, the following application settings are replaced with default settings:
  • Kaspersky Small Office Security display settings
  • Scan schedule
  • Participation in Kaspersky Security Network
  • File Anti-Virus protection level
  • Mail Anti-Virus protection level
  • Anti-Banner settings
  • Update sources
  • List of trusted web addresses
  • URL Advisor settings
• After an upgrade from a previous version of the application, Kaspersky Small Office Security starts automatically even if automatic startup of the application is disabled in the settings that have been saved. When the operating system restarts afterwards, Kaspersky Small Office Security does not start automatically if automatic startup of the application is disabled in the settings that have been saved.

Limitations on the operation of certain components and automatic processing of files

Infected files and malicious links are processed automatically according to rules created by Kaspersky Lab specialists. You cannot modify these rules manually. Rules can be updated following an update of databases and application modules. The rules for Firewall, Webcam Protection, Application Manager, Software Cleaner, and Application Control are also updated automatically.

If a device scan is started from the Kaspersky Small Office Security Management Console, files will be processed automatically based on the rules specified in the application. Files detected on a device can be processed automatically by request from the Kaspersky Small Office Security Management Console without your confirmation, even if interactive protection is enabled in the application.

Website certificate check and file scan limitations

When checking a website certificate or scanning website files, the application may contact Kaspersky Security Network for information. If data from Kaspersky Security Network could not be retrieved, the application decides whether or not the file is infected and the certificate untrusted based on local anti-virus databases.

Limitations of System Watcher functionality

Protection against cryptors (malware that encrypts user files) has the following limitations:

• The Temp system folder is used to support this functionality. If the system drive with the Temp folder has insufficient disk space to create temporary files, protection against cryptors is not provided. In this case, the application does not display a notification that files are not backed up (protection is not provided).
• Temporary files are deleted automatically when you close Kaspersky Small Office Security or disable the System Watcher component.
• In case of an emergency termination of Kaspersky Small Office Security, temporary files are not deleted automatically. To delete temporary files, clear the Temp folder manually. To do so, open the Run window (Run command under Windows XP) and in the Open field type %TEMP%. Click OK.

Encrypted connections scan limitations

Due to technical limitations of the implementation of scanning algorithms, scanning of encrypted connections does not support certain extensions of the TLS 1.0 protocol and later versions (particularly NPN and ALPN). Connections via these protocols may be limited. Web browsers with SPDY protocol support use the HTTP over TLS protocol instead of SPDY even if the server to which the connection is established supports SPDY. This does not affect the level of connection security. If the server supports only the SPDY protocol and it is impossible to establish the connection via the HTTPS protocol, the application does not monitor the connection established.

Kaspersky Small Office Security monitors only those protected connection which it is able to decrypt. The application does not monitor connections added to the list of exclusions (Websites link in the Network settings window).

The following components perform decryption and scanning of encrypted traffic by default:

• Web Anti-Virus
• Safe Money
• Kaspersky URL Advisor
• Web Policy Management

Warning about operation of the Anti-Spam component

Anti-Spam functionality can be configured by editing the settings file for the Anti-Spam component.

Backup and Restore limitations

The following limitations apply to Backup and Restore:

• Online storage of backup copies becomes unavailable when the hard drive or computer is replaced. Visit the Kaspersky Lab support website for information on how to restore the connection to Online storage after replacing your hardware.
• Editing of service files of the backup storage can result in loss of access to the backup storage and inability to restore your data.

Limitations of Data Encryption functionality

When a data vault is created in the FAT32 file system, the size of the data vault file on the drive must not exceed 4 GB.

Specifics of kernel memory scanning for rootkits in Protected Browser mode

When an untrusted module is detected in Protected Browser mode, a new browser tab opens with a notification about malware detection. If this happens, you are recommended to exit the browser and run a Full Scan of the computer.

Specifics of clipboard data protection

Kaspersky Small Office Security allows an application to access clipboard in the following cases:

• An application with the active window attempts to place data in clipboard. The active window is the window that you are currently using.
• A trusted process of an application attempts to place data in clipboard.
• A trusted process of an application or a process with the active window attempts to receive data from clipboard.
• An application process that previously placed data in clipboard attempts to receive this data from clipboard.

Warning about compatibility with Kaspersky Lab applications

Kaspersky Small Office Security is incompatible with the following Kaspersky Lab applications:

• Kaspersky Internet Security
• Kaspersky PURE
• Kaspersky Total Security
• Kaspersky Small Office Security 1
• Kaspersky Anti-Virus for Windows Workstation 6
• Kaspersky Anti-Virus for Windows Server 6
• Kaspersky Endpoint Protection 8 and 10

Kaspersky Small Office Security is compatible with the following Kaspersky Lab applications:

• Kaspersky Fraud Prevention for Endpoint 2.0, 2.5, 3.0, 3.5
• Kaspersky Fraud Prevention for Endpoints 4.0, 5.0, 6.0
• Kaspersky Password Manager 2.0, 5.0, 7.0, 8.0

Kaspersky Small Office Security that is installed on a file server is compatible with Kaspersky Security for Microsoft Exchange Servers 9.0 Maintenance Release 2 and Kaspersky Security for Microsoft Exchange Servers 9.0 Maintenance Release 3. For proper operation of Kaspersky Small Office Security File Server together with those applications:

• Disable Mail Anti-Virus.
• Disable Web Anti-Virus or in the Web Anti-Virus settings add the web addresses of Exchange Web Services to the list of trusted URLs (Web Anti-Virus settings -> Advanced Settings -> Configure trusted URLs).

Specifics of processing of malicious objects by application components

By default, the application can delete files that cannot be disinfected. Removal by default can be performed during file processing by such components as Application Control, Mail Anti-Virus, File Anti-Virus, during scan tasks, and also when System Watcher detects malicious activity of applications.

Specifics of connecting to the Kaspersky Small Office Security Management Console portal

To enable a connection to the Kaspersky Small Office Security Management Console portal, during installation on a file server Kaspersky Small Office Security adds kaspersky.com to the list of trusted web addresses in the settings of the Internet Explorer browser.

Limitations applicable to certain components in case of application installation together with Kaspersky Fraud Prevention for Endpoints

Operation of the following Kaspersky Small Office Security components is limited in Protected Browser if the application is installed together with Kaspersky Fraud Prevention for Endpoints:

• Web Anti-Virus, except Anti-Phishing
• Web Policy Management
• Kaspersky URL Advisor
• Anti-Banner

Warning about changes in IM Anti-Virus and Web Policy Management functionality

Beginning with the 2016 version of Kaspersky Small Office Security, the IM Anti-Virus component does not scan messages transmitted via the IRC protocol.

IM Anti-Virus supports only the following ICQ versions: ICQ 8 – ICQ 8.3. Later versions are not supported.

Beginning with the 2016 version of Kaspersky Small Office Security, the Web Policy Management component does not scan messages transmitted via IM clients.

About personal data contained in report files

Report files are stored locally on your computer. Path to report files: %allusersprofile%\Kaspersky Lab\AVP16.0.0\Report\Database.

Reports are stored in the following files:

• reports.db
• reports.db-wal
• reports.db-shm (does not contain any personal data)

Report files are protected against unauthorized access if self-defense is enabled in Kaspersky Small Office Security. If self-defense is disabled, report files are not protected.

Report files can contain personal data obtained during operation of protection components, such as File Anti-Virus component, Mail Anti-Virus, Anti-Spam, and Web Policy Management.

Report files can contain the following personal data:

• IP address of the user's device
• Online browsing history
• Blocked links
• Messaging history in social networks
• Key words specified in Web Policy Management settings
• Versions of the browser and operating system
• Names of cookies and other files and paths to them
• Email address, sender, message subject, message text, user names, and list of contacts

Specifics of Autorun operation

The autorun process logs the results of its operation. Data is logged in text files named “kl-autorun-<date><time>.log”. To view the types of data that is logged, open the Run window (Run command under Windows XP) and in the Open field type %TEMP%. Click OK.

All trace files are saved at the path to setup files that were downloaded during operation of the autorun process. Data is stored for the duration of operation of the autorun process and deleted permanently when this process is terminated. Data is not sent anywhere.

Kaspersky Small Office Security limitations under Microsoft Windows 10 RS4 with the Device Guard mode enabled:

Operation of the following functionality is partly limited:

• Clipboard protection
• Browser protection from keyboard and mouse input emulators (input spoofing)
• Protection from remote management applications
• Browser protection (management through API, protection from attacks that use dangerous messages to browser windows, protection from message queue management)
• Heuristic Analysis (emulation of the startup of malicious applications)

If UMCI mode is enabled in Windows, Kaspersky Small Office Security does not detect screen lockers.

Warning about applications that collect information

If an application that collects information and sends it to be processed is installed on your computer, Kaspersky Small Office Security may classify this application as malware. To avoid this, you can exclude the application from scanning by configuring Kaspersky Small Office Security as described in this document.

Application Control limitations

If VeraCrypt is installed on your computer, Kaspersky Small Office Security may terminate when working with the Application Control component. To resolve this issue, upgrade VeraCrypt to version 1.19 or later.

Application limitations under Microsoft Windows 10 RS5

In Microsoft Windows 10 RS5, you can enable a special mode where the operating system supports case-sensitive names of files and folders.

If the case-sensitive mode is enabled, Kaspersky Small Office Security has the following limitations:

• If the case-sensitive mode is enabled for any folder in the Kaspersky Small Office Security installation path, you cannot install the application to the specified path.
• If the case-sensitive mode is enabled for some files and folders after Kaspersky Small Office Security installation, some application components may not work properly with those files and folders.

Page top