Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
A cross-site scripting vulnerability in Forefront Threat Management Gateway MBE allows for redirection to malicious sites
Article ID: 968076 - View products that this article applies to.
Consider the following scenario:
This problem occurs because Threat Management Gateway MBE's forms-based authentication filter does not correctly cleanse the input data that the filter receives from the user.
To resolve this problem, apply the hotfix rollup package that is described in the following Microsoft Knowledge Base article:
(http://support.microsoft.com/kb/968075/ )MS09-016: Description of the Forefront Threat Management Gateway MBE hotfix package: April 14, 2009
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about this vulnerability, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms09-016.mspxFor more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/824684/LN/ )Description of the standard terminology that is used to describe Microsoft software updates