MS09-016: Description of the Forefront Threat Management Gateway MBE hotfix package: April 14, 2009

View products that this article applies to.

INTRODUCTION

Microsoft has released security bulletin MS09-016. To view the complete security bulletin, visit one of the following Microsoft Web sites:

Home users:
http://www.microsoft.com/protect/computer/updates/bulletins /200904.mspx (http://www.microsoft.com/protect/computer/updates/bulletins/200904.mspx)
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:
http://update.microsoft.com/microsoftupdate/ (http://update.microsoft.com/microsoftupdate/)
IT professionals:
http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx (http://www.microsoft.com/technet/security/bulletin/ms09-016.mspx)

Back to the top

How to obtain help and support for this security update

For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site:

http://support.microsoft.com/common/international.aspx?rdpath=4 (http://support.microsoft.com/common/international.aspx?rdpath=4)

North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the following Microsoft Web site:

http://support.microsoft.com/oas/default.aspx?&prid=7552 (http://support.microsoft.com/oas/default.aspx?&prid=7552)

For enterprise customers, support for security updates is available through your usual support contacts.

Back to the top

MORE INFORMATION

This security update fixes the following issues:

961831 (http://support.microsoft.com/kb/961831/ ) You encounter a Web listener TCP State vulnerability in Forefront Threat Management Gateway MBE
968076 (http://support.microsoft.com/kb/968076/ ) A cross-site scripting vulnerability in Forefront Threat Management Gateway MBE allows for redirection to malicious sites

This security update also resolves a problem in which Forefront Threat Management Gateway Medium Business Edition (MBE) may shut down unexpectedly with the following error:

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) Arguments: Arg1: 0000000000000040, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000000, value 0 = read operation, 1 = write operation Arg4: fffffa6000a0a9e5, address which referenced memory

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

962006 (http://support.microsoft.com/kb/962006/ ) Forefront Threat Management Gateway MBE crashes with the following Bug Check error: "DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)"

Back to the top

FILE INFORMATION

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Collapse this tableExpand this table

File name	File version	File size	Date	Time	Platform
Cookieauthfilter.dll	6.0.6417.153	476,592	10-Mar-2009	01:04	x86
msphlpr.dll	6.0.6417.153	894,400	10-Mar-2009	01:04	x86
wspsrv.exe	6.0.6417.153	1,439,152	10-Mar-2009	01:04	x86
Fweng.sys	6.0.6417.153	755,120	19-Feb-2009	02:09	x86
Fweng64.sys	6.0.6417.153	853,936	19-Feb-2009	02:09	x64
Fweng64100.sys	6.0.6417.100	857,184	18-Feb-2009	21:52	x64
Msfpcpatch.dll	6.0.6417.153	161,728	10-Mar-2009	01:03	x86