MS09-016: Description of the security update for ISA Server 2004: April 14, 2009

View products that this article applies to.

INTRODUCTION

Microsoft has released security bulletin MS09-016. To view the complete security bulletin, visit one of the following Microsoft Web sites:

Home users:
http://www.microsoft.com/protect/computer/updates/bulletins /200904.mspx (http://www.microsoft.com/protect/computer/updates/bulletins/200904.mspx)
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:
http://update.microsoft.com/microsoftupdate/ (http://update.microsoft.com/microsoftupdate/)
IT professionals:
http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx (http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx)

Back to the top

How to obtain help and support for this security update

For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site:

http://support.microsoft.com/common/international.aspx?rdpath=4 (http://support.microsoft.com/common/international.aspx?rdpath=4)

North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the following Microsoft Web site:

http://support.microsoft.com/oas/default.aspx?&prid=7552 (http://support.microsoft.com/oas/default.aspx?&prid=7552)

For enterprise customers, support for security updates is available through your usual support contacts.

Back to the top

MORE INFORMATION

This security update fixes the following issues.

Consider the following scenario:

You configure Web publishing, Web proxy, or Automatic discovery in Microsoft Internet Security and Acceleration (ISA) Server 2004.
A client establishes a TCP session with the corresponding listener.
The client violates the TCP state before any data is sent.

In this scenario, ISA Server 2004 may stop accepting new requests. This problem occurs because ISA Server 2004 does not correctly manage TCP states for Web listeners.

Back to the top

FILE INFORMATION

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

ISA Server 2004 Enterprise Edition

Collapse this tableExpand this table

File name	File version	File size	Date	Time	Platform
Compadmin.dll	4.0.3445.909	172,976	12-Feb-2009	00:47	x86
Comphp.dll	4.0.3445.909	195,520	12-Feb-2009	00:47	x86
fweng.sys	4.0.3445.909	409,392	12-Feb-2009	00:47	x86
msfpc.dll	4.0.3445.909	435,120	12-Feb-2009	00:47	x86
ratlib.dll	4.0.3445.909	41,904	12-Feb-2009	00:47	x86
msfpcsnp.dll	4.0.3445.909	4,985,776	12-Feb-2009	00:47	x86
msphlpr.dll	4.0.3445.909	467,904	12-Feb-2009	00:47	x86
w3filter.dll	4.0.3445.909	849,840	12-Feb-2009	00:47	x86
wspsrv.exe	4.0.3445.909	1,199,552	12-Feb-2009	00:47	x86
Httpfilter.dll	4.0.3445.909	146,368	12-Feb-2009	00:47	x86
Radiusauth.dll	4.0.3445.909	69,040	12-Feb-2009	00:47	x86

ISA Server 2004 Standard Edition

Collapse this tableExpand this table

File name	File version	File size	Date	Time	Platform
Compadmin.dll	4.0.2167.909	164,768	22-Jan-2009	08:33	x86
Comphp.dll	4.0.2167.909	193,960	22-Jan-2009	08:33	x86
fweng.sys	4.0.2167.909	385,568	22-Jan-2009	08:33	x86
msfpc.dll	4.0.2167.909	377,248	22-Jan-2009	08:33	x86
sumgen.dll	4.0.2167.909	524,712	22-Jan-2009	08:33	x86
ratlib.dll	4.0.2167.909	38,312	22-Jan-2009	08:33	x86
msfpcsnp.dll	4.0.2167.909	3,805,608	22-Jan-2009	08:33	x86
msphlpr.dll	4.0.2167.909	431,016	22-Jan-2009	08:33	x86
w3filter.dll	4.0.2167.909	824,736	22-Jan-2009	08:33	x86
wspsrv.exe	4.0.2167.909	1,056,160	22-Jan-2009	08:33	x86
Httpfilter.dll	4.0.2167.909	144,296	22-Jan-2009	08:33	x86
Radiusauth.dll	4.0.2167.909	71,072	22-Jan-2009	08:33	x86

Prerequisites

You must have ISA Server 2004 Enterprise Edition Service Pack 3 or Standard Edition Service Pack 3 installed to apply this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Back to the top

REFERENCES

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 (http://support.microsoft.com/kb/824684/ ) Description of the standard terminology that is used to describe Microsoft software updates

Back to the top

APPLIES TO

Microsoft Internet Security and Acceleration Server 2004 SP3, when used with:

Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
Microsoft Internet Security and Acceleration Server 2004 Standard Edition
Microsoft Windows Small Business Server 2003 R2 Premium Edition
Microsoft Windows Small Business Server 2003, Premium Edition Service Pack 1 (SP1)

Back to the top

kbsecvulnerability kbsecbulletin kbsecurity kbexpertiseinter kbsurveynew KB960995

Back to the top