You are currently offline, waiting for your internet to reconnect

Your browser is out-of-date

You need to update your browser to use the site.

Update to the latest version of Internet Explorer

MS09-016: Description of the Forefront Threat Management Gateway MBE hotfix package: April 14, 2009

Microsoft has released security bulletin MS09-016. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

This security update fixes the following issues:
  • 961831 You encounter a Web listener TCP State vulnerability in Forefront Threat Management Gateway MBE
  • 968076 A cross-site scripting vulnerability in Forefront Threat Management Gateway MBE allows for redirection to malicious sites
This security update also resolves a problem in which Forefront Threat Management Gateway Medium Business Edition (MBE) may shut down unexpectedly with the following error:
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)Arguments:Arg1: 0000000000000040, memory referencedArg2: 0000000000000002, IRQLArg3: 0000000000000000, value 0 = read operation, 1 = write operationArg4: fffffa6000a0a9e5, address which referenced memory
For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
962006 Forefront Threat Management Gateway MBE crashes with the following Bug Check error: "DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)"
The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
File nameFile versionFile sizeDateTimePlatform


You must have Microsoft Forefront Threat Management Gateway MBE installed to apply this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Article ID: 968075 - Last Review: 05/09/2012 17:03:00 - Revision: 4.0

  • Microsoft Forefront Threat Management Gateway, Medium Business Edition
  • kbsecvulnerability kbsecbulletin kbsecurity kbexpertiseinter kbsurveynew KB968075