Home / bulletins MS09-035 - Moderate: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706) - Version:2.1
Posted on 12 August 2009
There is an newer version: MS09-035 - Version: 3.0
ModerateSeverity Rating: Moderate - Revision Note: V2.1 (August 12, 2009): Updated the Affected Software table to list MS07-012 as replaced by the update for Microsoft Visual Studio .NET 2003 Service Pack 1; added a new entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to clarify why Microsoft Download Center update KB numbers for Visual C++ Redistributable packages differ from SMS, SCCM, WSUS and MU update KB numbers; corrected restart requirements throughout the bulletin; added Product Code Verification entries to the update deployment reference tables for Microsoft Visual Studio 2005 Service Pack 1, and Microsoft Visual Studio 2008 and Microsoft Visual Studio 2008 Service Pack 1; and performed miscellaneous edits.Summary: This security update addresses several privately reported vulnerabilities in the public versions of the Microsoft Active Template Library (ATL) included with Visual Studio. This security update is specifically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin and follow the guidance provided to create, and distribute to their customers, components and controls that are not vulnerable to the vulnerabilities described in this security bulletin.
Other versions
- MS09-035 - Version: 1.1
- MS09-035 - Version: 2.0
- MS09-035 - Version: 2.1
- MS09-035 - Version: 2.2
- MS09-035 - Version: 1.0
- MS09-035 - Version: 2.3
- MS09-035 - Version: 3.0
