Though Microsoft had released Exchange 2010 SP1, there was a known issue with upgrading Exchange Edge 2010 to SP1, when the same box has Forefront Protection For Exchange 2010 (FPE) & Threat Management Gateway (TMG) 2010 SP1. Issue is discussed here
With the release of Software Update 1 For TMG 2010 SP1, it is now possible to upgrade existing Exchange Edge 2010 to SP1 on the server with combined roles. You can also build a new server with Edge 2010 SP1, FPE & TMG 2010 SP1 with Update Rollup 1.
This update rollup contains the following enhancements:
• SafeSearch Enforcement. Forefront TMG can enforce blocking adult text, images and videos from search results by popular search engines. SafeSearch can be enforced on specific groups or to the entire organization.
• Including non-primary URL filtering categorizations. Forefront TMG uses an algorithm (described in this post) to select a URL’s “primary” category from among up to four categorizations provided by Microsoft Reputation Services (MRS). In Update 1 you can control access to sites that match any of the non-primary categorizations provided by MRS. For example, a URL with a primary categorization of News can now match a rule by any of its non-primary categorizations (such as Web Mail).
• Support for Exchange 2010 SP1 – This update provides support for Exchange 2010 SP1, including a fix to the problem reported in this post.
• Bug fixes and various other improvements
Download Update Rollup 1 For TMG 2010 SP1 here
This rollup must be installed on top of TMG 2010 SP1. If SP1 is not already installed, install it first. The update is currently available in English, but additional languages will be available on the download centre soon.