MS11-079: Vulnerabilities in Microsoft Forefront Unified Access Gateway could cause remote code execution: October 11, 2011

2011-10-11T00:00:00
ID KB2544641
Type mskb
Reporter Microsoft
Modified 2011-10-11T17:28:07

Description

<html><body><p>Resolves vulnerabilities in Microsoft Forefront Unified Access Gateway that could cause remote code execution and that was released on October 11, 2011.</p><h2>INTRODUCTION</h2><div class="kb-summary-section section">Microsoft has released security bulletin MS11-079. To view the complete security bulletin, visit the following Microsoft website: <ul class="sbody-free_list"><li>IT professionals:<br/><div class="indent"><a href="http://technet.microsoft.com/security/bulletin/ms11-079" id="kb-link-1" target="_self">http://technet.microsoft.com/security/bulletin/MS11-079</a></div></li></ul><span><h3 class="sbody-h3">How to obtain help and support for this security update</h3> <br/>For enterprise customers, support for security updates is available through your usual support contacts.</span></div><h2>More Information</h2><div class="kb-moreinformation-section section"><h3 class="sbody-h3">Known issues with this security update</h3><ul class="sbody-free_list"><li>When you uninstall this security update, you are prompted to insert the Microsoft Forefront Unified Access Gateway (UAG) CD. The installation program then closes, and you receive a 2920 error. To remove this security update, log on as an administrator, and then uninstall the update by using the <strong class="uiterm">Programs and Features</strong> item in Control Panel. Click <strong class="uiterm">View installed updates</strong> to access the update. <br/><br/><br/><br/><span class="text-base">Note</span> We do not recommend that you uninstall any security update. </li><li>You cannot use the <strong class="uiterm">/quiet</strong> and <strong class="uiterm">/forcerestart</strong> switches in combination when you install this update. </li><li>After you install this security update, the <strong class="uiterm">Remote Desktop Gateway</strong> service may not restart automatically. When you try to use the Remote Desktop client to create a remote desktop session, you may receive an error message that resembles the following:<br/><div class="indent"><div class="sbody-error">Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Try reconnecting later or contact your network administrator for assistance.</div></div><br/>If you have any Remote Desktop Services applications that are published by using any UAG trunk, you must manually restart the service by using the <strong class="uiterm">Services </strong>console. </li><li>If you install this security update on the original RTM version of Forefront Unified Access Gateway, and then you apply Forefront Unified Access Gateway Update 1 or Forefront Unified Access Gateway Update 2, you must install this security update again. </li></ul><h3 class="sbody-h3">Known issues and additional information about this security update</h3>The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.<ul class="sbody-free_list"><li><a href="https://support.microsoft.com/en-us/help/2522482" id="kb-link-2">2522482 </a> MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010: October 11, 2011 <br/><br/>Known issues in security update 2522482:<br/><br/><ul class="sbody-free_list"><li>This security update is listed in <strong class="uiterm">Programs and Features</strong> under <strong class="uiterm">Installed Updates</strong> as "Hotfix for Microsoft Forefront UAG 8." There is no mention that this is a security update. Security updates are otherwise typically listed as "Security Update for <strong class="sbody-strong">xxxxx</strong>." For example, this security update should be listed as "Security Update for UAG 2010." </li></ul></li><li><a href="https://support.microsoft.com/en-us/help/2522483" id="kb-link-3">2522483 </a> MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010 Update 1: October 11, 2011</li><li><a href="https://support.microsoft.com/en-us/help/2522484" id="kb-link-4">2522484 </a> MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010 Update 2: October 11, 2011 <br/><br/>Known issues in security update 2522484:<ul class="sbody-free_list"><li>This update changes MicrosoftClient.JAR Java applet. In addition to this update, the next Java security update that is issued on October 18 disables the older version of the MicrosoftClient.JAR file. If you do not install this update, the old version of MicrosoftClient.JAR file is blocked through the Java Runtime Environment update and stops functioning. For more information about the SUN/Oracle security update, visit the following Oracle webpage: <div class="indent"><a href="http://www.oracle.com/technetwork/topics/security/alerts-086861.html" id="kb-link-5" target="_self">Critical Patch Updates and Security Alerts</a></div><span> Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information. </span></li></ul></li><li><a href="https://support.microsoft.com/en-us/help/2522485" id="kb-link-6">2522485 </a> MS11-079: Description of the security update for Microsoft Forefront Unified Access Gateway 2010 Service Pack 1: October 11, 2011 </li></ul><br/><span>The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.</span><br/></div></body></html>