Consider the following scenario:
- You have Microsoft Forefront Threat Management Gateway Client installed on a client computer that is running a Windows operating system.
- You install security update 2520426 on the client computer.
- You do one of the following things:
- You run Microsoft ActiveSync for a device such as a Windows Embedded CE-based device.
- You run an application that calls the NSPLookupServiceNext() function, and the function calls the NSPLookupServiceBegin() function that contains a dwControlFlags parameter of LUP_RETURN_BLOB.
This problem occurs because of a regression that is introduced by security update MS11-040.
To resolve this problem, install the hotfix rollup that is described in the following Microsoft Knowledge Base article:
2616324 A hotfix rollup is available for Forefront Threat Management Gateway Client
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about security update 2520426, click the following article number to view the article in the Microsoft Knowledge Base:
2520426 MS11-040: Vulnerability in Threat Management Gateway Firewall Client could cause remote code execution: June 14, 2011For more information about the NSPLookupServiceNext() function, visit the following Microsoft Developer Network (MSDN) website:NSPLookupServiceBegin() function, visit the following MSDN website:
824684 Description of the standard terminology that is used to describe Microsoft software updates
Article ID: 2620191 - Last Review: Oct 1, 2011 - Revision: 1
Microsoft Forefront Threat Management Gateway 2010 Enterprise, Microsoft Forefront Threat Management Gateway 2010 Standard