Announcing the availability of IAG 3.7 SP2 Update 3

Applicability This announcement applies to all IAG customers.

Availability The file IAG3.7-SP2Update-3.exe (build 47) is uploaded to CSS repository. A KB article with full details will be published soon.

Prerequisites This Update requires prior installation of IAG 3.7 SP2; it cannot be installed on v3.7.0 or v3.7.1.

Communication I am pleased to announce the availability of Update 3 for IAG 3.7 SP2.  Customers who need this Update should contact Microsoft CSS.

What’s New

• Enhanced IAG Client Components, with support for Windows 7 (32 and 64 bit) and Windows Vista 64 bit. Technically, we integrated the Client Components of the newer Unified Access Gateway 2010 product (UAG 2010). The new IAG Client Components support the following. · Online and offline installation of the Client Components. · Online upgrade from the former IAG Client Components (requiring a computer restart). · Backward compatibility: Client Components downloaded from the IAG server running Update 3 and installed on an endpoint computer will be compatible with the latest Update 2. The table summarizes the main features and their availability on the various supported platforms.

• Introduced a supportability-related fix which sends a useful message to IAG Web monitor when an HTTP response buffer exceeds the predefined limit. The message contains links to KB’s with guidelines for resolving the issue.
• Enhanced web monitor report generation. A more efficient report generation supports handling of larger reports. Additionally, a previous hard-wired limit on the report size is now user-configurable through the registry.
• Fixed a crash in w3wp.exe process when accessing a basic trunk with defined server name translation rules (SNT).
• Fixed a bug leading to a crash in HTTP Parser module. A crash occurred because of the way IAG was parsing chunked HTTP responses
• Fixed a problem with requests starting with an upper case HTTPS. IAG SRA engine was unable to recognize links starting with an uppercase HTTPS, and missed these links in the signing process. The result was that some applications did not work properly.
• Fixed a crash of application w3wp.exe (module WhlServerProxy.dll). A crash occurred in a rare scenario when using Network Connector application.
• Fixed a problem with SharePoint 2007 AAM rule-set. Rule number 55 blocked the usage of files having Dash, Comma, and Apostrophe in the filename.
• Enhanced WMI Translation of legacy values for F-Prot Antivirus. WMI Translation of legacy values did not work for F-Prot Antivirus, preventing policies that specify it from being used.
• Fixed a problem with KCD authentication. When disabling/enabling KCD-enabled applications, sometimes IAG was unable to find the authentication provider and KCD failed.
• Fixed a problem in the duplicated basic trunk activation due to incorrect port assignment.
• Fixed NTLM Authentication failure when a password included Unicode characters.
• Fixed an issue of parsing large (>10-20 MB) HTML files even if MaxBodyBufferSize value is configured.
• Added support for MSN Optimized in IE8.
• Fixed an issue introduced by an ADFS fix which caused a failure in IAG login .

Known issues

• When uninstalling Update 3, IAG configuration reverts to its state prior to the installation, and all changes made after the installation are discarded.  It is recommended to backup an active configuration before uninstalling Update 3.
• Due to a bug in UAG 2010 Client Components, Windows 7 64-bit OS clients will not display the pop-up message for unsupported applications.
• IAG implementation requires that a particular root certificate be present in the client’s Trusted Root Certificate store. Due to a change in the certification authority for Update 3, clients with a previous IAG Client Components installation might fail when upgrading to Update 3 online. To resolve the issue, please follow the instructions at https://support.microsoft.com/kb/931125.

Author: Neta Amit, Senior PM, ISA/TMG and IAG/UAG Support