Home / bulletins MS09-037 - Critical: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) - Version:1.1
Posted on 12 August 2009
There is an newer version: MS09-037 - Version: 2.1
CriticalSeverity Rating: Critical - Revision Note: V1.1 (August 12, 2009): Removed erroneous reference to known issues from the Frequently Asked Questions (FAQ) Related to This Security Update section; added new entries to the section, FAQ for Microsoft Video ActiveX Control Vulnerability - CVE-2008-0015, describing the relationship between this bulletin and Microsoft Security Bulletin MS09-032; corrected restart requirements throughout the bulletin; and performed miscellaneous edits.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-037 - Version: 1.0
- MS09-037 - Version: 1.1
- MS09-037 - Version: 1.2
- MS09-037 - Version: 2.0
- MS09-037 - Version: 2.1
