Microsoft has released Forefront Client Security Service Pack 1.

http://www.microsoft.com/Forefront/clientsecurity/en/us/default.aspx

Once installed, customers will be prompted to install the SP1 upgrade via Microsoft Update. Existing Forefront Client Security customers will automatically be prompted to install the SP1 upgrade via Microsoft Update.
The SP1 supports:
  • Agent protection on Windows Server 2008 – Server and Core
  • Server role support and protection for Windows Server 2008 (except Core, which is Client only)
  • Agent protection and server roles on Hyper-V
  • Agent protection on cluster servers
  • Agent protection on Home editions of Windows Vista or later, Windows XP SP2 or later, Windows 2000 SP4, and Windows Server 2003 SP1 or later
  • NAP Integration
List of issues fixed
This service pack fixes the following issues that are not previously documented in a Microsoft Knowledge Base article:
· An exception is thrown when you deploy a Forefront Client Security (FCS) policy on Windows Server 2008

When you deploy an FCS policy to an organizational unit (OU), an exception is thrown, and the policy is not deployed.

· When you deploy an FCS policy on Windows Server 2008 to the Users tab, an exception is thrown

The
Browse dialog box for a Group Policy object (GPO) on Windows Server 2008 includes a Users tab. This tab does not exist in Windows Server 2003. If you deploy an FCS policy to a user or to a group, an exception is thrown.
· FCS policies that are deployed to an existing GPO are tied to a specific domain controller (DC)

FCS policies that are deployed to an existing GPO are tied to a specific DC. If the DC is decommissioned, you cannot change or undeploy that policy.