Home / bulletins MS09-037 - Critical: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) - Version:1.2
Posted on 20 August 2009
There is an newer version: MS09-037 - Version: 2.1
CriticalSeverity Rating: Critical - Revision Note: V1.2 (August 19, 2009): Revised the Affected Software table to clarify that the DHTML Editing Component ActiveX Control (KB973869) update replaces MS05-013 for Windows XP Service Pack 2, but not for Windows XP Service Pack 3; and that the Windows Media Player 11 (KB973540) update replaces MS07-047 for Windows Vista x64 Edition, but not for Windows Vista x64 Edition Service Pack 1 or Windows Vista x64 Edition Service Pack 2.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Active Template Library (ATL). The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-037 - Version: 1.0
- MS09-037 - Version: 1.1
- MS09-037 - Version: 1.2
- MS09-037 - Version: 2.0
- MS09-037 - Version: 2.1
