MS11-079: Vulnerabilities in Microsoft Forefront Unified Access Gateway could cause remote code execution: October 11, 2011

How to obtain help and support for this security update

For enterprise customers, support for security updates is available through your usual support contacts.

Known issues with this security update

• When you uninstall this security update, you are prompted to insert the Microsoft Forefront Unified Access Gateway (UAG) CD. The installation program then closes, and you receive a 2920 error. To remove this security update, log on as an administrator, and then uninstall the update by using the Programs and Features item in Control Panel. Click View installed updates to access the update.
  
  
  
  Note We do not recommend that you uninstall any security update.

• You cannot use the /quiet and /forcerestart switches in combination when you install this update.

• After you install this security update, the Remote Desktop Gateway service may not restart automatically. When you try to use the Remote Desktop client to create a remote desktop session, you may receive an error message that resembles the following:
  

  Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Try reconnecting later or contact your network administrator for assistance.

  
  If you have any Remote Desktop Services applications that are published by using any UAG trunk, you must manually restart the service by using the Services console.

• If you install this security update on the original RTM version of Forefront Unified Access Gateway, and then you apply Forefront Unified Access Gateway Update 1 or Forefront Unified Access Gateway Update 2, you must install this security update again.

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.

• 2522482 MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010: October 11, 2011
  
  Known issues in security update 2522482:
  
  

  • This security update is listed in Programs and Features under Installed Updates as "Hotfix for Microsoft Forefront UAG 8." There is no mention that this is a security update. Security updates are otherwise typically listed as "Security Update for xxxxx." For example, this security update should be listed as "Security Update for UAG 2010."

• 2522483 MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010 Update 1: October 11, 2011

• 2522484 MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010 Update 2: October 11, 2011
  
  Known issues in security update 2522484:

  • This update changes MicrosoftClient.JAR Java applet. In addition to this update, the next Java security update that is issued on October 18 disables the older version of the MicrosoftClient.JAR file. If you do not install this update, the old version of MicrosoftClient.JAR file is blocked through the Java Runtime Environment update and stops functioning. For more information about the SUN/Oracle security update, visit the following Oracle webpage:

    Critical Patch Updates and Security Alerts Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

• 2522485 MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010 Service Pack 1: October 11, 2011

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.