The ForeFront team released Update 1 for Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1.
Besides bug fixes and some added functionality, Update 1 also adds support for Exchange 2010 SP1. Because Exchange 2010 SP1 doesn’t support the get-antispamupdates cmdlet (see this post), implementing Exchange 2010 SP1 on servers in the Mail protection role (with Exchange – Edge server role – as well as ForeFront Protection for Exchange) leads to issues.
Update 1 fixes this issue. To make things confusing, the ForeFront team calls these cumulative updates Software Update or Update; what’s wrong Rollup? Be advised that the ForeFront Update page doesn’t mention the Update (yet), nor is the related knowledge base article published (kb2288910).
You can download ForeFront TMG SP1 Update 1 here. Note that currently only English is available, other languages are said to be made available soon.
Want to check if you’re running the latest Service Pack or Rollup for your ForeFront components? The ForeFront team has published a page where all ForeFront components, related technologies included, are listed, including information on the latest Service Pack, Rollup, version number as well as a link to product guidance.
The ForeFront Update Center as it is called contains information on the following products:
Microsoft Forefront Protection 2010 for Exchange Server
Forefront Protection 2010 for SharePoint
Microsoft Forefront Client Security
Microsoft Forefront Security for Exchange Server
Forefront Security for SharePoint
Forefront Server Security Management Console
Forefront Security for Office Communications Server
Antigen 9.0 for Exchange
Antigen 8.0 for Microsoft SharePoint Portal Server
Microsoft released Hotfix Rollup 1 for Forefront Protection 2010 for Exchange Server (KB2181692).
Here’s the list of fixes included in this rollup:
There is a handle leak in FSCController when SQM is uploading data in Microsoft Forefront Protection for Exchange
A Forefront Protection for Exchange scan engine update fails and generates Application Log errors
Forefront Protection for Exchange replacing legitimate attachments with text files and quarantining legitimate mail
Proxy credentials and UNC path settings for Forefront Protection for Exchange do not replicate to passive node during cluster failover
Forefront Protection for Exchange is blocking all incoming mail
A system state backup fails while attempting to perform anything other than a full backup on a server running Forefront Protection for Exchange
Forefront Protection for Exchange filters email with attached .MSG files that contain a subject line ending with a file extension
The Forefront Protection for Exchange client crashes when adding an IP address, or range, to either the IP Allow/Block List
Forefront Protection for Exchange sends legitimate email to Exchange’s UNDELIVERABLE folder
Store slows down and RPC request queue length rises when Forefront Protection for Exchange is running on Windows 2003 64-bit server
FSCUtility fails if run on a non clustered server that the cluster service is installed but disabled on
FPE detecting valid .xls or.csv file as Exceedingly nested
Forefront Protection for Exchange does not send External Sender notifications
The FSCManualScanner.exe process in Forefront Protection for Exchange terminates unexpectedly
The FSECCRService.exe process in Forefront Protection for Exchange may stop responding generating a Dr. Watson crash that references Bucket ID 107626953990176: Customer experiences OOXML performance issues when scanning
Customer experiences OOXML performance issues when scanning
Dr. Watson reports a null reference exception in Microsoft.FSS.AntiSpam.dll (from Forefront Protection for Exchange); Bucket ID 
Spam Reports may take an excessive amount of time to retrieve in Forefront Protection for Exchange
A scan job in Forefront Protection for Exchange will not restart after hitting the MaxDisableWait time timeout threshold
Forefront Protection for Exchange allows mail to go through unscanned if the MaxDisbaledWait time threshold is exceeded
Forefront Protection for Exchange generates more Realtime Scan Timeout notifications than expected
Sluggish or stopped mail flow resulting from the FSCTransportScanner process, within Forefront Protection for Exchange, crashing while scanning files with embedded object links.
Forefront Protection for Exchange does not have a Skip/Detect action option for the MaxContainerScanTime action menu
For more details on the fixes consult the related knowledge base article (2181692). You can download the Forefront Protection 2010 for Exchange Server Hotfix Rollup 1 here.