Symptoms
Consider the following scenario:
-
You have Microsoft Forefront Threat Management Gateway Client installed on a client computer that is running a Windows operating system.
-
You install security update 2520426 on the client computer.
-
You do one of the following things:
-
You run Microsoft ActiveSync for a device such as a Windows Embedded CE-based device.
-
You run an application that calls the NSPLookupServiceNext() function, and the function calls the NSPLookupServiceBegin() function that contains a dwControlFlags parameter of LUP_RETURN_BLOB.
-
In this scenario, ActiveSync does not work, or the application fails during name resolution.
Cause
This problem occurs because of a regression that is introduced by security update MS11-040.
Resolution
To resolve this problem, install the hotfix rollup that is described in the following Microsoft Knowledge Base article:
2616324 A hotfix rollup is available for Forefront Threat Management Gateway Client
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
For more information about security update 2520426, click the following article number to view the article in the Microsoft Knowledge Base:
2520426 MS11-040: Vulnerability in Threat Management Gateway Firewall Client could cause remote code execution: June 14, 2011For more information about the NSPLookupServiceNext() function, visit the following Microsoft Developer Network (MSDN) website:
NSPLookupServiceNext functionFor more information about the NSPLookupServiceBegin() function, visit the following MSDN website:
NSPLookupServiceBegin functionFor more information about Firewall client computers, visit the following Microsoft TechNet website:
About firewall client computersFor more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates