• Windows Server operating system support. You can now protect computers running desktop (Windows 7-10) and server operating systems (Windows Server 2008R2-2019).
• Shared folders protection. Kaspersky Anti-Ransomware Tool for Business now is able to prevent attempts made by other network machine to encrypt shared folders.
• Crypto-miners prevention. In addition to malware objects, the application can now detect and block adware, pornware, and riskware objects (including crypto-mining software).
• Daily reports delivery. A daily delivery option is now available for the detected objects report, along with monthly and weekly reports.
• Redesigned Installation Wizard. The application is now installed with a more consistent user experience.

Limitations in restoring files:

• In some cases, the application does not delete files created by malware.
• The application does not delete or restore files that are being used by another process.
• The application rolls back all file modifications that were made during analysis of a process.
• The application does not support EFS-encrypted files.
• Cloud files may be restored to local folders.
• The application does not restore files located:
  • On storage devices with file systems other than NTFS, including re-writable optical discs (CD-RW, DVD-RW).
  • On Windows network drives.

Limitations in restoring registry keys:

• The application may not restore some registry keys, resulting in “an application couldn’t be launched” messages.

Limitations in restoring system activity:

• Shutting down processes or process flows affected by malware may cause unstable performance of the operating system.

Limitations in detecting malware, adware, and other activity:

• The application does not control file changes initiated through the loopback interface if software running on a computer tries to access files over the network that are located on the same computer and available for modification.
• The application does not control file changes initiated by processes running at the operating system kernel level.
• There will be no report entries if no threats are detected or if the application fails to scan an object. There will only be report entries if malware is detected.
• The application does not detect activity from shared folders of adware or legitimate software that could be used to damage the user's data.

• When connected to the Internet via a proxy server, a report will only be sent to the administrator if the SMTP server is within the local area network.
• When application from the Blocked list is added to the Allowed list, it has to be deleted manually from the Blocked list before it is allowed to start.
• If there is any connectivity issue while a report is being sent, the next attempt to send it will be made according to the schedule specified in the application settings.
• In some cases, empty folders may remain after the application has been uninstalled.
• In rare cases, the application interface may be unstable if the application is used in multiple user sessions. This does not affect the protection level.
• For the Trusted machines feature to work, the Audit logon events function must be enabled in Windows settings.
• The application settings are not automatically transferred when updating from the beta1 and beta2 versions.