Wednesday, March 9, 2016

Root cause of Microsoft Forefront TMG crash



Findings:

Microsoft Forefront TMG crashed because of a bug in wspsrv.exe and w3filter.dll.

1. Faulting application name: wspsrv.exe, version: 7.0.9193.500, time stamp: 0x4e75ffd3 and Faulting module name: KERNELBASE.dll, version: 6.1.7601.19135, time stamp: 0x56a1c9ac
Log Name: Application
Source: Application Error
Date: 3/8/2016 7:02:20 PM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: xxxxxxxxxxxxx
Description:
Faulting application name: wspsrv.exe, version: 7.0.9193.500, time stamp: 0x4e75ffd3
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19135, time stamp: 0x56a1c9ac

2. Log Name: Application
Source: Microsoft Forefront TMG Firewall
Date: 3/8/2016 7:02:22 PM
Event ID: 14057
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxxxxxxxxxxxxxxxxxx
Description:
The Firewall service stopped because an application filter module C:\Program Files\Microsoft Forefront Threat Management Gateway\w3filter.dll generated an exception code C0000005 in address 00000000701DED04 when function CompleteAsyncIO was called. To resolve this error, remove recently installed application filters and restart the service.
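
To look for the same pairing elsewhere in an Application log, the following added example (not part of the original post) parses the Event ID 14057 description and matches it with a wspsrv.exe Event ID 1000 logged within a few seconds. The function name `Find-TmgFilterCrash`, the 10-second window and the sample objects are assumptions made for illustration; the sample values are constructed from the two entries above.

```powershell
# Added example. Find-TmgFilterCrash is a hypothetical helper, not a TMG cmdlet.
function Find-TmgFilterCrash {
    param(
        [Parameter(Mandatory = $true)] [object[]] $Events,
        [int] $WindowSeconds = 10   # assumed correlation window
    )
    # Fields of the Event ID 14057 description, as worded in the entry above.
    $pattern = 'filter module (?<Module>.+?\.dll) generated an exception code ' +
               '(?<Code>[0-9A-Fa-f]+) in address (?<Address>[0-9A-Fa-f]+) ' +
               'when function (?<Function>\w+) was called'

    # Application Error entries where the faulting process is the Firewall service.
    $appErrors = @($Events | Where-Object {
        $_.Id -eq 1000 -and $_.Message -like '*Faulting application name: wspsrv.exe*'
    })

    foreach ($stop in ($Events | Where-Object { $_.Id -eq 14057 })) {
        if ($stop.Message -match $pattern) {
            $m = $Matches   # copy now: a later -match would overwrite $Matches
            $near = @($appErrors | Where-Object {
                [math]::Abs(($stop.TimeCreated - $_.TimeCreated).TotalSeconds) -le $WindowSeconds
            })
            New-Object PSObject -Property @{
                ServiceStopped  = $stop.TimeCreated
                FilterModule    = Split-Path $m['Module'] -Leaf
                ExceptionCode   = $m['Code']
                FaultAddress    = $m['Address']
                Function        = $m['Function']
                WspsrvCrashSeen = ($near.Count -gt 0)
            }
        }
    }
}

# Constructed sample input built from the two log entries shown above.
$sample = @(
    New-Object PSObject -Property @{
        TimeCreated = [datetime]'3/8/2016 7:02:20 PM'; Id = 1000
        Message = 'Faulting application name: wspsrv.exe, version: 7.0.9193.500, time stamp: 0x4e75ffd3' }
    New-Object PSObject -Property @{
        TimeCreated = [datetime]'3/8/2016 7:02:22 PM'; Id = 14057
        Message = 'The Firewall service stopped because an application filter module C:\Program Files\Microsoft Forefront Threat Management Gateway\w3filter.dll generated an exception code C0000005 in address 00000000701DED04 when function CompleteAsyncIO was called.' }
)
Find-TmgFilterCrash -Events $sample

# On a live server, feed it the real log instead of the sample:
# Find-TmgFilterCrash -Events (Get-WinEvent -FilterHashtable @{ LogName = 'Application'; Id = 1000, 14057 })
```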
                

Build number 7.0.9193.500 for Microsoft Forefront Threat Management Gateway is associated with TMG 2010 Service Pack 2. Most of the TMG customers have reported the same problem after applying TMG Service Pack 2.


TMG build numbers can be found here:


Comments and recommendations from the affected customers can be found here:


Recommendation:

Microsoft recommends applying the following hotfixes to rectify this issue.


1. https://support.microsoft.com/en-us/kb/2649961 (High Priority)

C:\Users\xxxx>wmic qfe | find "KB2649961"    (I checked and found that KB2649961 is not currently installed on any of the servers)

C:\Users\xxxxx>

2. https://support.microsoft.com/en-us/kb/2502686 (Important) -> This hotfix is not publicly available. We will contact Microsoft to get this package.


