MS11-040: Vulnerability in Threat Management Gateway Firewall Client could cause remote code execution: June 14, 2011

<html><body><p>Resolves a vulnerability in the Microsoft Forefront Threat Management Gateway 2010 Client that could allow remote code execution if a malicious user leverages a client to make specific requests on a system on which the TMG firewall client is used.</p><h2></h2><div>This security update and the vulnerability that is discussed in the security bulletin only apply to the clients for the products that have server and client components and that are listed in the “Applies to” section.</div><h2>Introduction</h2><div>Microsoft has released security bulletin MS11-040. To view the complete security bulletin, visit one of the following Microsoft websites:<br /><ul><li>Home users:<br /><div><a href=“http://www.microsoft.com/security/pc-security/bulletins/201106.aspx” target=“_self”>http://www.microsoft.com/security/pc-security/bulletins/201106.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or for your laptop from the Microsoft Update website now: <div><a href=“http://update.microsoft.com/microsoftupdate/” target=“_self”>http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<br /><div><a href=“http://www.microsoft.com/technet/security/bulletin/ms11-040.mspx” target=“_self”>http://www.microsoft.com/technet/security/bulletin/MS11-040.mspx</a></div></li></ul><h3>How to obtain help and support for this security update</h3>For home users, no-charge support is available by calling (866) PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support website: <div><a href=“https://support.microsoft.com/common/international.aspx?rdpath=4” target=“_self”>http://support.microsoft.com/common/international.aspx?rdpath=4</a></div>North American customers can also obtain instant access to unlimited no-charge email support or to unlimited individual chat support by visiting the following Microsoft website: <div><a href=“https://support.microsoft.com/oas/default.aspx?&amp;prid=7552” target=“_self”>http://support.microsoft.com/oas/default.aspx?&amp;prid=7552</a></div>For enterprise customers, support for security updates is available through your usual support contacts.</div><h2></h2><div><h3>More information about this security update</h3><h4>Known issues about this security update</h4>When you install this security update on a computer that is running Microsoft Forefront Threat Management Gateway Client, Microsoft ActiveSync does not work, or an application that calls the <span>NSPLookupServiceNext()</span> function may fail during name resolution.<br /><br />For more information about this known issue, click the following article number to view the article in the Microsoft Knowledge Base:<div><a href=“https://support.microsoft.com/en-us/help/2620191”>2620191 </a> FIX: Security update 2520426 causes a regression on a computer that is running Forefront Threat Management Gateway Client</div></div><h2></h2><div><h4>File information</h4>The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time and with your current daylight saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files. <div><table><tr><th>File name</th><th>File version</th><th>File size</th><th>Date</th><th>Time</th><th>Platform</th></tr><tr><td>Fwcmgmt.exe</td><td>7.0.7734.182</td><td>240,920</td><td>12-Apr-2011</td><td>04:58</td><td>x86</td></tr><tr><td>Fwcwsp.dll</td><td>7.0.7734.182</td><td>348,552</td><td>12-Apr-2011</td><td>04:58</td><td>x86</td></tr><tr><td>Fwcwsp64.dll</td><td>7.0.7734.182</td><td>357,352</td><td>12-Apr-2011</td><td>04:58</td><td>x64</td></tr></table></div></div></body></html>