About the 6.x.x Anti-Malware Scan Engine
Technical Articles ID:
KB66741
Last Modified: 2024-03-27 13:29:02 Etc/GMT
Environment
Anti-Malware Scan Engine 6.0.00 (6000), 6.0.10 (6010), 6.1.00 (6100), 6.2.00 (6200), 6.3.00 (6300), 6.4.00 (6400), 6.5.00 (6500), 6.6.00 (6600), 6.7.00 (6700)
Products that use the Anti-Malware Scan Engine
Summary
Recent updates to this article
| Date |
Update |
| March 27, 2024 |
Updated the NOTE under the "Release schedule for the 6700 Scan Engine" section.
Added the following Linux support details:
- ARM64 support for Linux
- Kernel 6.1 support for Linux
|
| February 19, 2024 |
Minor formatting changes; no content updates |
| December 21, 2023 |
Updated "Release schedule for the 6700 Scan Engine" |
This article contains information about releases and how to stop automatic Scan Engine updates from the current Scan Engine to the next Scan Engine version. It also provides links to articles that help you roll back from the next Scan Engine to the current Scan Engine, if needed. For an explanation of the Scan Engine and its function, see KB52425 - Information about the Anti-Malware Scan Engine and its digital signature.
6700 Anti-Malware Scan Engine (Current)
The 6700 Scan Engine includes the following improvements:
- Normalization support for PowerShell scripts
- Increased coverage of MIME samples
- Performance improvement of internal API and the vulnerability fixes
- Multiple bug fixes and minor feature enhancements
New supported platforms:
- Windows 11 23H2
- macOS 14.0 Sonoma (x86-64 and ARM64)
- ARM64 support for Linux
- Kernel 6.1 support for Linux
End of Life (EOL) platforms:
System requirements – disk space and memory:
- At least 512 MB of free hard disk space
- At least another 512 MB of free hard disk space reserved for temporary files
- At least 512 MB of RAM for scanning operations – 1024 MB recommended
- At least 1024 MB of RAM for updating operations
Release schedule for the 6700 Scan Engine
| 6700 Scan Engine Beta |
Starting December 12, 2023 |
| 6700 Scan Engine (Elective Download) General Availability (GA) for corporate products |
January 9, 2024 |
| 6700 Scan Engine (Throttled Auto-Update) GA for ENS |
Starting February 5, 2024 |
| 6700 Scan Engine (Auto-Update) GA for corporate products (except Endpoint Security (ENS)) |
February 14, 2024 |
NOTE: The schedule mentioned above is for Windows, Mac, and Linux operating systems only. Engines for other platforms were made available from March 26, 2024.
IMPORTANT: These timelines are estimates and are subject to change.
6700 Scan Engine download for products that consume V2 or MED DAT virus definition updates:
You can download the 6700 Scan Engine (starting January 9, 2024) from the Security Updates page.
The following products use MED DATs:
- Endpoint Security for Linux (ENSL) 10.7.x
- Endpoint Security for Mac (ENSM) 10.7.x.
The following products use V2 DATs:
- Advanced Threat Defense
- ENSL before 10.7.0, ENSM before 10.7.0
- Management for Optimized Virtual Environments
- Security for Microsoft Exchange (SME)
- Security for SharePoint (PortalShield)
- Skyhigh Web Gateway
- SuperDAT Manager
- VirusScan Command Line Scanner
- VSE
- VirusScan Enterprise for Linux (VSEL)
- VirusScan Enterprise for Storage
- VirusScan for Mac
6700 Scan Engine download for ENS products that consume V3 virus definition updates:
For important information about the 6700 Anti-Malware Scan Engine update for ENS, see KB92669 - About the 6700 Anti-Malware Scan Engine update for Endpoint Security.
The following products use V3 DATs:
- ENS
- Endpoint Security Storage Protection
6600 Anti-Malware Scan Engine (Previous, to be EOL soon)
The 6600 Scan Engine includes the following improvements:
- New Musarubra platform certificates
- Scanning capability for the DEX file-type
- New PDF 256-bit AES and RC4 40-bit Encryption support
- Enhancements on the supported APK extensions file
- Extended AutoIT 2.x support
- Handling of manipulated MIME headers
- Multiple bug fixes and minor feature enhancements
6500 Anti-Malware Scan Engine (EOL on June 30, 2023)
The 6500 Scan Engine includes the following improvements:
- Support for APK file-type
- Hit-type support for ARM platform
- Expansion of the exhausted hit-type limits of Extra DAT(ED)
- Negative driver support on ED
- Multiple bug fixes and minor feature enhancement
- Performance improvement
6400 Anti-Malware Scan Engine (EOL on December 14, 2022)
The 6400 Scan Engine includes the following improvements:
- Improved DMG extraction support to include the APFS file system and UDRW format
- Security enhancements by moving away from the vulnerable OpenSSL libraries
- Provision for decoding the b64decode from the buffer
- Augmented driver-limits to enable authoring bigger and complex detection codes
- Ability to use Regular Expressions in drivers to supplement pattern-matching algorithms
- Expansion of the exhausted hit-type limits to target more malware families
- Supplementing of the contemporary XL4 code to add support for RC4 CryptoAPI decryption
- Code optimization and minor bug fixes
6300 Anti-Malware Scan Engine (EOL on June 15, 2022)
The 6300 Scan Engine includes the following improvements:
- Enhanced threat landscape with added support for MPress (LZMAT) and DMG file-type support
- Improved coverage on OLE and Excel file-types
- Better handling of VBA and Jar files and wider coverage for UPX packed files
- Catered multiple research requirements to improve the detection effectiveness with better handling in content
- Several bug fixes, and performance and security improvements
6200 Anti-Malware Scan Engine (EOL on December 31, 2021)
The 6200 Scan Engine includes the following improvements:
- Enhanced threat landscape with added support for MSIL and AutoIT-based malware
- Extended coverage for PDF and ISO file types
- Added provision to author better content with decoding support for ADC and LZFSE
- Better handling capability for Linux and macOS threats
- Multiple features for better driver handling, which improves detection effectiveness
- Several bug fixes and performance improvements
6100 Anti-Malware Scan Engine (EOL on June 10, 2021)
The 6100 Scan Engine includes the following improvements:
- Enhanced threat landscape coverage with added support for 7Z, RAR5, and ISO archive file-types
- Improved detection with added support for WinACE2, BZIP2, LZMA2, BCJ, and PPMD Codecs
- Better handling capability for non-PE-based malware with added Driver Ordering support
- Improved precision in detection with added floating-point support
- Several bug fixes, security fixes, and performance improvements
6010 Anti-Malware Scan Engine (EOL on November 28, 2020)
The 6010 Scan Engine includes the following improvements:
- Future platform support, including case-sensitivity support for the Windows 10 May 2019 Update (version 1903)
- File scanning performance improvements for Windows
- Sustaining fixes for all platforms
6000 Scan Engine (EOL on November 28, 2020)
The 6000 Scan Engine includes the following improvements:
- Enhanced JavaScript engine, stabilization, and performance improvements. JavaScript processing capability was added in the 5900 Scan Engine
- Augmented VBA Macro file handling to improve detection capabilities on malware hidden in VBA Macros
- Added internal APIs for file, directory, process, and registry handling to enable safer DAT content authoring
- Added support for 64-bit binary disassembly
- Enhanced ELF Handler to improve detection capabilities on 64-bit ELF binaries
- Improved DAT initialization performance to tackle increasing DAT content
- Miscellaneous fixes of defects and customer escalations
Rolling back to an earlier version for products consuming V2 DATs
To roll back the Scan Engine for your managed product to an earlier version, see the relevant article.
Stopping automatic updates for products consuming V2 DATs
To stop your managed product from automatically upgrading to the latest posted Scan Engine, see the relevant article.
|
