Home > Forefront TMG 2010, Forefront UAG 2010, Networking, Security Updates > Microsoft Security Bulletin MS11-083 and Forefront TMG 2010

Microsoft Security Bulletin MS11-083 and Forefront TMG 2010

November 12, 2011

Included in the November Microsoft security bulletin release was security update MS11-083 (KB2588516) that addresses a critical vulnerability in TCP/IP that could allow remote code execution. Forefront TMG 2010 firewalls are protected from this vulnerability, as the firewall engine’s kernel mode driver processes packets even before the operating system sees them. More information about how the Forefront TMG 2010 firewall engine and service work can be found here [this document is for ISA, but TMG is similar]. Although the underlying operating system’s TCP/IP networking stack is protected by the Forefront TMG firewall engine driver, TMG administrators are still strongly encouraged to install the MS11-083 update as soon as possible.

  1. Scott
    February 13, 2012 at 9:01 am

    Semi newbie question here, but I have a few TMG NLB clusters and am wondering if the OS security patching process is straightforward (just install and reboot one cluster member at a time). Hoping it’s not anything like a SP update…?

  2. February 13, 2012 at 4:43 pm

    Hi Scott,

    The process for applying OS updates is not as complicated as applying Forefront TMG 2010 updates. You can drain the node prior to updating, then restart once complete. Repeat the process on the remaining nodes and you’re good to go. 🙂

  1. No trackbacks yet.
Comments are closed.