Technical Information

Brief overview of the risk:
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE).
Detailed Information on the risk:
A denial of service vulnerability exists in the way the firewall engine handles TCP state for Web proxy or Web publishing listeners. The vulnerability could allow a remote user to cause a Web listener to stop responding to new requests. Further information on this exploit is available at : MS09-016