MS09-016: Description of the ISA Server 2006 hotfix package: April 14, 2009

Article translations Article translations
Article ID: 968078 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Microsoft has released security bulletin MS09-016. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION

This security update fixes the following issues:
  • 958951 ISA Server stops accepting new requests after you configure Web publishing, Web proxy, or Automatic discovery
  • 968077 A cross-site scripting vulnerability in ISA Server 2006 allows for redirection to malicious sites
For more information about this vulnerability, click the following MSRC article for MS09-016:
http://support.microsoft.com/kb/961759

FILE INFORMATION

The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
For the original version of ISA Server 2006
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Authdflt.dll5.0.5720.172157,11203-Mar-200901:36x86
Comphp.dll5.0.5720.172180,66403-Mar-200901:36x86
Complp.dll5.0.5720.17272,12003-Mar-200901:36x86
Cookieauthfilter.dll5.0.5720.172394,68003-Mar-200901:36x86
Diffserv.dll5.0.5720.172106,93603-Mar-200901:36x86
msfpc.dll5.0.5720.172550,32803-Mar-200901:36x86
msfpccom.dll5.0.5720.1726,410,16803-Mar-200901:36x86
msfpcui.dll5.0.5720.1722,810,29603-Mar-200901:36x86
ratlib.dll5.0.5720.17251,12803-Mar-200901:36x86
msfpcsnp.dll5.0.5720.1725,857,20803-Mar-200901:36x86
socksflt.dll5.0.5720.172107,96003-Mar-200901:36x86
w3filter.dll5.0.5720.172892,85603-Mar-200901:36x86
w3prefch.exe5.0.5720.172172,47203-Mar-200901:36x86
wspsrv.exe5.0.5720.1721,212,34403-Mar-200901:36x86
Fweng.sys5.0.5720.172407,48003-Mar-200901:36x86
Httpfilter.dll5.0.5720.172155,57603-Mar-200901:36x86
Linktranslation.dll5.0.5720.172248,24803-Mar-200901:36x86
Wploadbalancer.dll5.0.5720.172108,98403-Mar-200901:36x86
For ISA Server 2006 with the Supportability Update installed
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Authdflt.dll5.0.5721.261162,74427-Feb-200900:18x86
Comphp.dll5.0.5721.261182,20027-Feb-200900:18x86
Complp.dll5.0.5721.26173,14427-Feb-200900:18x86
Cookieauthfilter.dll5.0.5721.261401,33627-Feb-200900:18x86
Diffserv.dll5.0.5721.261107,96027-Feb-200900:18x86
msfpc.dll5.0.5721.261568,24827-Feb-200900:18x86
msfpccom.dll5.0.5721.2616,420,92027-Feb-200900:18x86
sumgen.dll5.0.5721.261515,51227-Feb-200900:18x86
ratlib.dll5.0.5721.26151,64027-Feb-200900:18x86
msfpcsnp.dll5.0.5721.2615,950,39227-Feb-200900:18x86
mspadmin.exe5.0.5721.261382,39227-Feb-200900:18x86
msphlpr.dll5.0.5721.261501,17627-Feb-200900:18x86
rpcfltr.dll5.0.5721.261158,13627-Feb-200900:18x86
w3filter.dll5.0.5721.261916,92027-Feb-200900:18x86
w3prefch.exe5.0.5721.261174,00827-Feb-200900:18x86
wspsrv.exe5.0.5721.2611,223,60827-Feb-200900:18x86
Fweng.sys5.0.5721.261420,53627-Feb-200900:18x86
Httpfilter.dll5.0.5721.261157,11227-Feb-200900:18x86
Ldapfilter.dll5.0.5721.261113,59227-Feb-200900:18x86
Linktranslation.dll5.0.5721.261249,78427-Feb-200900:18x86
Radiusauth.dll5.0.5721.26185,43227-Feb-200900:18x86
Usr_pcode.htmNot Applicable6,89827-Feb-200900:18Not Applicable
Wploadbalancer.dll5.0.5721.261111,54427-Feb-200900:18x86
For ISA Server 2006 with Service Pack 1 installed
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Authdflt.dll5.0.5723.511164,79224-Feb-200923:37x86
Cookieauthfilter.dll5.0.5723.511407,48024-Feb-200923:37x86
Exchange_logout_smimecap.htmNot Applicable4,95324-Feb-200923:37Not Applicable
Exchange_usr_pwd.htmNot Applicable8,60424-Feb-200923:37Not Applicable
msfpc.dll5.0.5723.511584,63224-Feb-200923:37x86
msfpccom.dll5.0.5723.5116,781,36824-Feb-200923:37x86
mspapi.dll5.0.5723.51165,97624-Feb-200923:37x86
sumgen.dll5.0.5723.511516,53624-Feb-200923:37x86
ratlib.dll5.0.5723.51152,15224-Feb-200923:37x86
msfpcsnp.dll5.0.5723.5116,099,89624-Feb-200923:37x86
mspadmin.exe5.0.5723.511385,97624-Feb-200923:37x86
msphlpr.dll5.0.5723.511508,85624-Feb-200923:37x86
smtpfltr.dll5.0.5723.511177,59224-Feb-200923:37x86
w3filter.dll5.0.5723.511944,56824-Feb-200923:37x86
wspsrv.exe5.0.5723.5111,263,03224-Feb-200923:37x86
Fweng.sys5.0.5723.511420,79224-Feb-200923:37x86
Logout_smimecap.htmNot Applicable4,60824-Feb-200923:37Not Applicable
Usr_pcode.htmNot Applicable6,89824-Feb-200923:37Not Applicable
Usr_pwd.htmNot Applicable7,31324-Feb-200923:37Not Applicable
Wploadbalancer.dll5.0.5723.511112,05624-Feb-200923:37x86

Installation information

Because three separate packages are supplied according to the minor release level, you must apply the appropriate package by following these instructions:
  • If the release level of your installation is between the original release ISA Server 2006 and the supportability update, you must apply the ISA2006-RTM-KB968078-X86-<Lang>.msp package.
  • If the release level of your installation is between the Supportability Update and Service Pack 1, you must apply the ISA2006-SUPP-KB968078-X86-<Lang>.msp package.

    For more information about the Supportability Update, click the following article number to view the article in the Microsoft Knowledge Base:
    939455 Description of the Internet Security and Acceleration (ISA) Server 2006 Supportability Update package
  • If the release level of your installation is Service Pack 1 or a later version, you must apply the ISA2006-SP1-KB968078-X86-<Lang>.msp package.

Restart requirement

You must restart the computer after you apply this hotfix.

MORE INFORMATION

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 968078 - Last Review: May 9, 2012 - Revision: 3.0
APPLIES TO
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition
Keywords: 
kbsecvulnerability kbsecbulletin kbsecurity kbexpertiseinter kbsurveynew KB968078

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com