DETAILED ACTION
Response to Amendment
A response was received on 23 February 2026. It is noted that the pages are not numbered sequentially, but rather the numbering is restarted for each section, and therefore the page numbers on page 1 do not match those of the subsequent pages. For convenience, Applicant’s numbering will be used for reference throughout this Office action.
The amendments to the specification do not comply with the requirements of 37 CFR 1.121(b)(1)(ii) that replacement paragraphs must include markings showing all changes relative to the previous version of the paragraph, where underlining is to be used to show added text and strikethrough or double brackets are to be used to show deleted text. Although Applicant states that the replacement paragraphs are submitted to cleanly incorporate the amendments previously filed on 21 February 2025 (page 1 of the present specification section), the replacement paragraphs do not clearly reflect the changes previously made and do not correctly reflect the 21 February 2025 versions of the paragraphs. Paragraph 0007 does not reflect amendments with respect to either the non-entered version of the paragraph filed 21 February 2025 or the last entered version of the paragraph filed 12 September 2022. Paragraphs 0024 and 0027 do not appear to include the complete versions of the paragraphs. Paragraphs 0024, 0027, 0052, and 0060 appear to include markings other than those set forth in 37 CFR 1.121(b), such as single brackets, asterisks, and tildes. All of the replacement paragraphs appear to include changes (added and/or deleted text) that are not clearly marked as required. The amendments to the specification have NOT been entered because the actual amendments are not clear. Applicant is again hereby required to resubmit the amendments to the specification in a manner fully compliant with 37 CFR 1.121(b). The objections to the disclosure for informalities, the objection to the amendment filed 12 September 2022 under 35 U.S.C. 132(a) as introducing new matter, and the objection to the specification for failure to provide proper antecedent basis for the claimed subject matter are maintained as set forth below.
The amendments to the claims do not fully comply with the requirement of 37 CFR 1.121(c) that the status of every claim must be indicated. In particular, at least Claims 8 and 12 are indicated with the status “currently amended” but it appears that no amendments have been made to these claims. Further, the amendments to the claims do not fully comply with the requirement of 37 CFR 1.121(c)(2) that amended claims must be submitted with markings indicating the changes made relative to the immediate prior version of the claims. At least Claim 14 appears to include added text that has not been marked by underlining as required; appears to include text, marked with strikethrough for deletion, which was not previously present in the claim; and appears to have had text deleted without being marked as required. As a courtesy and to advance prosecution, the amendments to the claims have been entered and treated as though they were fully in compliance with the requirements of 37 CFR 1.121(c). Applicant is reminded that all subsequent amendments must fully comply with 37 CFR 1.121.
By the above response, Claims 1, 2, 7, 11, and 13-15 have been amended. No claims have been added or canceled. Claims 1-4, 6-9, and 11-15 are currently pending in the present application.
Response to Arguments
Applicant's arguments filed 23 February 2026 have been fully considered but they are not persuasive.
Regarding the various objections to the specification, Applicant argues that clean compliant replacement paragraphs have been submitted (page 1 of the present remarks). However, as noted above, the replacement paragraphs are not in clean form (and should not be in clean form) and also do not clearly include the required markings indicating the changes made relative to the previous version of the paragraphs. Applicant further argues that paragraph 0007 has been resubmitted “without the previously challenged additions” (pages 1-2 of the present remarks); however, the proposed amendment to paragraph 0007 does not appear to reflect the previous version(s) of the paragraph. As noted above, the amendments to the specification are still not in compliance with 37 CFR 1.121(b) and have not been entered. Applicant is required to resubmit the amendments to the specification in a manner compliant with 37 CFR 1.121(b).
Regarding the rejection of Claims 1-4, 6-9, and 11-15 under 35 U.S.C. 112(a) for failure to comply with the written description requirement, Applicant asserts that independent Claims 1, 14, and 15 have been amended to remove the unsupported “updated security policy” language (pages 2-3 of the present remarks); however, while this language has been deleted from Claim 15, the limitations at issue have not been deleted from Claims 1 or 14.
Regarding the rejection of Claims 1-4, 6-9, and 11-15 under 35 U.S.C. 112(b) as indefinite, Applicant argues that the independent claims have been amended to recite monitoring whether a user opens or intentionally avoids opening the specific file to provide a positive action to be monitored (page 3 of the present remarks); however, as detailed below, “intentionally avoids” appears to raise new issues of indefiniteness. Further, it is not clear how intentionally avoiding opening the file could be monitored for, unless this is intended to be tied to monitoring whether it is opened or not within a particular timeframe. Additionally, as noted below, not all issues have clearly been addressed.
Regarding the rejection of Claims 1-4, 6-9 and 11-15 under 35 U.S.C. 103 as unpatentable over Tadic et al, US Patent Application Publication 2018/0018464, in view of Manadhata et al, US Patent 8621233, Applicant generally argues that Tadic and Manadhata do not teach tracking the specific binary action of opening or intentionally avoiding opening a file and that the references do not suggest “leveraging crowdsourced human behavior… to dynamically increment or decrement an obsolete counter for that specific file format across a remote server” (pages 4-6 of the present remarks, citing Tadic, paragraph 0066, and Manadhata, column 5, lines 27-42). In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., leveraging crowdsourced behavior across a remote server) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Further, as detailed below, it is not clear how the user’s intent of whether or not they open a file is determined, nor is it clear how to determine whether a user is avoiding opening a file (which may not be successful). To the extent that the indefinite limitation can be construed, Tadic at least suggests monitoring actions and adjusting a counter relative to a threshold when a format is obsolete (paragraph 0066, counter, as previously cited; see also paragraph 0065, owner type of a supporting program is considered, i.e. whether the file is or can be opened).
Therefore, for the reasons detailed above, the Examiner maintains the rejections as set forth below.
Specification
As noted in the previous Office actions, the amendments to the specification filed 21 February 2025 were not fully compliant with 37 CFR 1.121(b) and have not been entered, and must be resubmitted in a manner fully compliant with the provisions of 37 CFR 1.121(b). As noted above, the present amendments to the specification are also not fully compliant with 37 CFR 1.121(b) and have not been entered, and because of the numerous unclear markings and/or omissions from the paragraphs, they have not been considered further. The objection to the disclosure for informalities; the objection to the amendment filed 12 September 2022 under 35 U.S.C. 132(a) as introducing new matter; and the objection to the specification for failure to provide proper antecedent basis for the claimed subject matter are NOT withdrawn, because the amendments were not entered as detailed above and in the Office action mailed 27 March 2025.
The disclosure is objected to because of the following informalities:
The specification includes minor grammatical and other errors. For example, in paragraph 0024, line 38 (see page 3 of the 21 February 2025 response), there is no generic description provided for “FORTIDDOS”. It is noted that the proposed amendment of “FORTI Distributed Denial of Service” (see page 4 of the 21 February 2025 response) does not clearly provide a generic description of what this product does. In paragraph 0027, line 41 (see page 5 of the response filed 13 March 2023), it appears that “format” may be intended to read “formats”; it is noted that the proposed amendment (see pages 4-5 of the 21 February 2025 response) appears to remove earlier amendments made and does not clearly reflect the most recent version of the paragraph. In paragraph 0052, lines 5 and 9 (see page 5 of the response filed 13 March 2023), it appears that the reference to “operation monitoring module 607” should instead use reference character 605; it is noted that the proposed amendment changes references to “obsolete counter module 607” to also use reference character 605, which appears to be inconsistent with the drawings (see page 6 of the 21 February 2025 response). Further, the proposed amendment does not appear to reflect earlier amendments to the paragraph. In paragraph 0060, lines 3-10 (see the specification as originally filed), it appears that the list could be clarified by separating the list items by semicolons, as it appears that certain list items may include internal commas. The proposed amendment appears to add nested parentheses, which also makes the list further unclear. It appears that there may be intended to be four list items: hard disk drives, solid state drives, optical discs, and RAID storage. These items should be more clearly delineated.
Appropriate correction is required. Applicant’s cooperation is again requested in correcting any other errors of which applicant may become aware in the specification.
The amendment filed 12 September 2022 is objected to under 35 U.S.C. 132(a) because it introduces new matter into the disclosure. 35 U.S.C. 132(a) states that no amendment shall introduce new matter into the disclosure of the invention. The added material which is not supported by the original disclosure is as follows: The added material which is not supported by the original disclosure is as follows: “an obsolete file database”, “a file format corresponding to a target application”, and “an obsolete file format that has been replaced with a current file format and without security patch support” (see amended paragraph 0007, pages 2-3 of the 12 September 2022 response).
Applicant is required to cancel the new matter in the reply to this Office Action.
It is acknowledged that, if the previously proposed amendment to paragraph 0007 (page 2 of the 21 February 2025 response) were resubmitted and entered, this objection would be overcome.
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the following is required: Independent Claims 1 and 14 were previously amended to recite “wherein the security policy is updated response to [sic] the obsolete counter surpassing a threshold at the remote server”. Although the specification generally discloses a security policy, there is not clear description of updating a security policy. Therefore, there is not clear antecedent basis for the claimed subject matter in the specification. For further detail, see below with respect to the rejection under 35 U.S.C. 112(a) for failure to comply with the written description requirement.
Claim Rejections - 35 USC § 112
The rejection of Claim 15 under 35 U.S.C. 112(a) is withdrawn in light of the amendments to the claim. The rejection of Claims 1-4, 6-9, and 11-14 under 35 U.S.C. 112(a) for failure to comply with the written description requirement and the rejection of Claims 1-4, 6-9, and 11-15 under 35 U.S.C. 112(b) as indefinite are NOT withdrawn, because not all issues have been addressed and/or because the amendments have raised new issues, as detailed below.
The following is a quotation of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-4, 6-9, and 11-14 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Independent Claims 1 and 14 were previously amended to recite “wherein the security policy is updated response to [sic] the obsolete counter surpassing a threshold at the remote server”. Although the specification generally discloses a security policy (see paragraph 0051) and generally discloses determining a format is obsolete if the counter is over a threshold (e.g. paragraph 0052), there is not clear description of updating the policy and no clear mention of taking any action responsive to the counter surpassing a threshold. Applicant has also still not pointed out in the present response where the amended claims are supported. Therefore, there is not clear written description of the claimed subject matter in the specification. See also MPEP § 2163.04.
Claims not specifically referred to above are rejected due to their dependence on a rejected base claim.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-4, 6-9, and 11-15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “a user… intentionally avoids opening the specific file” in lines 23-24 and “the user intentionally avoiding opening the specific file” in lines 29-30. The use of the terms “intentionally” and “avoids” are unclear, because the intent of the user is a subjective state of mind, and because avoiding opening may still result in the file being opened (i.e. the user can attempt to avoid it but it could still happen). It is not clear how to determine whether the user attempted to avoid opening the file, in contrast to determining whether the file is opened or not within a particular time frame, for example. See also MPEP § 2173.05(b). The claim further recites “wherein the security policy is updated response to the obsolete counter surpassing a threshold” in lines 43-45. The phrase “the security policy is updated response to” is grammatically unclear and appears to be missing critical language; for example, it is not clear whether this is intended to read that the security policy is an updated response, or that the security policy is updated in response to the counter surpassing the threshold, or another interpretation. Further, it is not clear whether “a threshold” is intended to refer to the threshold count in line 38 or a distinct threshold. The above ambiguities render the claim indefinite.
Claim 2 recites “the file” in lines 4-5. It is not clear whether this is intended to refer to the specific file or a different file.
Claim 3 recites “the computer” in lines 4 and 5-6. There is not clear antecedent basis for this limitation in the claims; for example, it is not clear whether this is intended to refer to one of the plurality of computer devices recited in Claim 1 or a different computer. Claim 3 further recites “a network to which the computer is connected” in lines 3-4. It is not clear whether this is intended to refer to the data communication network or a distinct network. The claim additionally recites “the file” in line 4. It is not clear whether this is intended to refer to the specific file or a different file.
Claim 6 recites “the file” in line 3. It is not clear whether this is intended to refer to the specific file.
Claim 8 recites “when an embedded file is determined to exist: determining, by the security device, a file format of the embedded file; determining, by the security device, whether the file format of the embedded file is obsolete” in lines 5-9. These steps are not connected by a conjunction (e.g. “and” or “or”) and therefore it is not clear whether both steps are required or if they are alternatives. The claim further recites “determining the specific file format is obsolete” in lines 10-11. However, this immediately follows determining whether the file format of the embedded file is obsolete, so it is unclear why this refers to determining a different file format (the specific file format) is obsolete. Claim 8 additionally recites “security action” in line 12. The lack of an article or other descriptor (e.g. “a”, “the”, “said”) makes it unclear whether this is intended to refer to a previously recited security action or a distinct security action. The claim also recites “the file” in line 12. It is not clear whether this is intended to refer to the specific file recited in Claim 1 or to the embedded file recited in Claim 8.
Claim 9 recites “the file format” in lines 2-3. Because there are plural formats recited in Claim 1, it is not clear to which of these formats this limitation is intended to refer. Claim 9 further recites “a remote server” in line 6. It is not clear whether this is intended to refer to the same server as in Claim 1 or a distinct remote server.
Claim 12 recites “the file” in line 4. It is not clear whether this is intended to refer to the specific file or a distinct file.
Claim 13 recites “a threshold” in lines 3-4. It is not clear whether this threshold is the same as the threshold count in Claim 1.
Claim 14 recites “the network packets” in line 10. There is not clear antecedent basis for this limitation in the claim. The claim further recites “a user… intentionally avoids opening the specific file” in lines 24-25 and “the user intentionally avoiding opening the specific file” in lines 30-31. The use of the terms “intentionally” and “avoids” are unclear, because the intent of the user is a subjective state of mind, and because avoiding opening may still result in the file being opened (i.e. the user can attempt to avoid it but it could still happen). It is not clear how to determine whether the user attempted to avoid opening the file, in contrast to determining whether the file is opened or not within a particular time frame, for example. See also MPEP § 2173.05(b). The claim further recites “wherein the security policy is updated response to the obsolete counter surpassing a threshold” in lines 44-46. The phrase “the security policy is updated response to” is grammatically unclear and appears to be missing critical language; for example, it is not clear whether this is intended to read that the security policy is an updated response, or that the security policy is updated in response to the counter surpassing the threshold, or another interpretation. Further, it is not clear whether “a threshold” is intended to refer to the threshold count in line 39 or a distinct threshold. The above ambiguities render the claim indefinite
Claim 15 recites “a network interface” in line 15. It is not clear whether this is intended to refer to the same interface recited in line 6 or to a distinct interface. The claim further recites “the obsolete file database” in lines 24-25. It is not clear whether this is intended to refer to the obsolete file format database. The claim additionally recites “the user… intentionally avoiding opening the specific file” in lines 31-33 and “the user intentionally avoiding opening the specific file” in lines 37-38. The use of the terms “intentionally” and “avoiding” are unclear, because the intent of the user is a subjective state of mind, and because avoiding opening may still result in the file being opened (i.e. the user can attempt to avoid it but it could still happen). It is not clear how to determine whether the user attempted to avoid opening the file, in contrast to determining whether the file is opened or not within a particular time frame, for example. See also MPEP § 2173.05(b). The above ambiguities render the claim indefinite
Claims not specifically referred to above are rejected due to their dependence on a rejected base claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4, 6-9, and 11-15 are rejected under 35 U.S.C. 103 as being unpatentable over Tadic et al, US Patent Application Publication 2018/0018464, in view of Manadhata et al, US Patent 8621233.
In reference to Claim 1, Tadic discloses a method that includes storing indications of obsolete file formats in a database (paragraph 0053); a security device capturing a file received through network packets on a network interface on a computer (Figure 3, step 302; paragraph 0033, receive files); determining a file format of the file based on a file extension and whether the format is obsolete by looking up in the database (Figure 3, step 304; paragraph 0034, determine type of file such as by extension matching; see also paragraph 0053); and responsive to the format being obsolete (Figure 3, step 310; paragraph 0042, determine how to mitigate or remedy vulnerability from obsolescence) notifying a user, monitoring actions of opening or avoiding opening the specific file, adjusting a counter where a threshold determines whether the format is obsolete, and taking a security action in response to the threshold, where a security policy is updated in response to the counter surpassing the threshold (paragraph 0042, mitigation and remedy actions; paragraph 0066, counter, and see also paragraph 0065, owner type of a supporting program is considered, i.e. whether the file is or can be opened; paragraph 0049, rules, i.e. policy; paragraph 0042, updating to be less vulnerable to obsolescence). However, Tadic does not explicitly disclose preventing storage of the file or collecting information from users.
Manadhata discloses a method that includes preventing storage of files determined to be dangerous or malicious based on file attributes or descriptions (column 10, lines 5-22; see also column 5, lines 27-42 for further details of path and file attributes including type), and further discloses a remote server collecting information from a plurality of users at a plurality of computer devices (column 10, lines 5-22; see also Figure 1 and column 3, line 36-column 4, line 62, where the security server receives information from endpoints). In combination with the teachings of Tadic, this would suggest quarantining or preventing storage of dangerous files, such as those with obsolete formats. Therefore, it would have been obvious to of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the method of Tadic to include the storage prevention or quarantining as well as collecting information from users, as taught by Manadhata, in order to prevent a file from performing malicious actions (see Tadic, paragraph 0042, mitigating obsolescence, and Manadhata, column 10, lines 17-22, preventing malicious actions by quarantining).
In reference to Claims 2-4, Tadic and Manadhata further disclose an antivirus application scanning files, a network security device intercepting files, or an add-on to a browser (Tadic, Figures 1 and 2, system 100, vulnerabilities system 104/204; see also paragraphs 0030-0031 and 0033; see also Manadhata throughout, discussing detection of malware).
In reference to Claims 6 and 7, Tadic and Manadhata further disclose determining the format based on an extension, file structure, header, or magic bytes (Tadic, paragraphs 0034-0035, extensions, magic bytes, rules for determining object type).
In reference to Claims 8, 12, and 13, Tadic and Manadhata further disclose determining a file format of an embedded file and whether the format of the embedded file is obsolete, and performing an action on the embedded file if the format is obsolete (Tadic, Figure 3, step 304; paragraph 0034; Figure 3, step 310; paragraph 0042; see also Manadhata, column 10, lines 5-22) as well as monitoring and counting the actions (see Tadic, paragraph 0066).
In reference to Claim 9, Tadic and Manadhata further disclose checking the format in an obsolete file format list or requesting a remote server to check the format (see Tadic, paragraph 0008; see also paragraphs 0034 and 0053).
In reference to Claim 11, Tadic and Manadhata further disclose sending a warning, quarantining the file, converting the file to a new format, deleting the file, or blocking transmission of the file (see Tadic, paragraph 0042, mitigation and remedy actions include converting object; see also Manadhata, column 10, lines 5-22).
Claim 14 is directed to a software implementation of the method of Claim 1, and is rejected by a similar rationale.
Claim 15 is directed to a computer having functionality corresponding to the method of Claim 1, and is rejected by a similar rationale, mutatis mutandis.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:00am-5:30pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal D Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Zachary A. Davis/Primary Examiner, Art Unit 2492