Microsoft Download Center Archive

Security Update for Unified Access Gateway 2010 with Update 2 (KB2418933)

  • Published:
  • Version: 4.0.1269.250
  • Category: Security Patch
  • Language: English

Vulnerabilities in Forefront Unified Access Gateway could Cause Cross Site Scripting Resulting in Elevation of Privilege

  • This security update resolves four privately reported vulnerabilities in Forefront Unified Access Gateway 2010 (UAG). The most severe of these vulnerabilities could allow elevation of privilege if a user visits an affected Web site using a specially crafted URL. An attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.

    Here are the cases with the severity rating:
    UAG Redirection Issue May Allow Phishing Vulnerability - CVE-2010-2732 (Important - Spoofing)
    UAG XSS Allows EOP Vulnerability - CVE-2010-2733 (Important - Elevation of Privilege)
    XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability - CVE-2010-2734 (Important - Elevation of Privilege)
    XSS in Sginurl.asp Vulnerability - CVE-2010-3936 (Important - Elevation of Privilege)
Knowledge Base Articles:
Security Bulletins:


Status: Deleted

This download is no longer available on The downloads below are archives provided by the Internet Archive Wayback Machine from the Microsoft Download Center prior to August 2020.

SHA1: 6d0b099103a136c9d82fb372dfe162bf8e21cdfd
4.78 MB

System Requirements

Operating Systems: Windows Server 2008 R2

  • Forefront UAG can be installed on computers running the Windows Server 2008 R2 Standard or Windows Server 2008 R2 Enterprise 64-bit operating systems.

Installation Instructions

  • 1. For the file you want to download, click the Download button on this page.
    2. Click Save to download to your computer.