You encounter a Web listener TCP State vulnerability in Forefront Threat Management Gateway MBE

Article translations Article translations
Article ID: 961831 - View products that this article applies to.
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all


Consider the following scenario:
  • You configure Web publishing, Web proxy, or Automatic discovery in Microsoft Forefront Threat Management Gateway Medium Business Edition (MBE).
  • A client establishes a TCP session with the corresponding listener.
  • The client violates the TCP state before any data is sent.
In this scenario, Threat Management Gateway stops accepting new requests.


This problem occurs because Threat Management Gateway MBE does not correctly manage TCP states for Web listeners.


To resolve this problem, the hotfix rollup package that is described in the following Microsoft Knowledge Base article:

968075 MS09-016: Description of the Forefront Threat Management Gateway MBE hotfix package: April 14, 2009


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.


This problem occurs only in the following scenarios:
  • Web publishing
  • Web proxy
  • Automatic discovery
For more information about this vulnerability, visit the following Microsoft Web site:
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates


Article ID: 961831 - Last Review: January 15, 2015 - Revision: 1.1
  • Microsoft Forefront Threat Management Gateway, Medium Business Edition
  • Windows Essential Business Server 2008 Standard
kbnosurvey kbarchive kbexpertiseinter kbsurveynew kbbug kbfix kbqfe KB961831

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from