Severity Rating: Important - Revision Note: V1.1 (April 22, 2009): Corrected registry key verification entries in the deployment reference tables for ISA Server 2004 and ISA Server 2006.Summary: This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE). These vulnerabilities could allow denial of service if an attacker sends specially crafted network packets to the affected system, or information disclosure or spoofing if a user clicks on a malicious URL or visits a Web site that contains content controlled by the attacker.

Read more at: http://www.microsoft.com/technet/security/bulletin/MS09-016.mspx?pubDate=2009-04-22