This update causes ISA Server to use random source ports for UDP sessions created by access rules which serve hosts in networks for which ISA Server defines a network address translation (NAT) relationship.
This update resolves the issue described in Microsoft Article
956910, DNS queries that are sent across a firewall do not use random source ports after you install security update 953230 (MS08-037). With this update, ISA Server allocates a large set of random UDP ports and then selects a port from this set for use in new UDP sessions. You can disable it programmatically (there is no user interface).
