MS09-037: Description of the security update for the Active Template Library: August 11, 2009

2018-04-17T06:57:38
ID KB973507
Type mskb
Reporter Microsoft
Modified 2019-11-06T02:17:14

Description

<html><body><p>Resolves a vulnerability in the Active Template Library that may allow malicious code to run.</p><h2></h2><div class="kb-notice-section section"><span class="text-base">Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: <a href="http://windows.microsoft.com/en-us/windows/help/end-support-windows-xp-sp2-windows-vista-without-service-packs" id="kb-link-1" target="_self">Support is ending for some versions of Windows</a></span>.</div><h2>INTRODUCTION</h2><div class="kb-summary-section section">Microsoft has released security bulletin MS09-037. To view the complete security bulletin, visit one of the following Microsoft Web sites:<br/><ul class="sbody-free_list"><li>Home users:<div class="indent"><a href="http://www.microsoft.com/security/updates/bulletins/200908.aspx" id="kb-link-2" target="_self">http://www.microsoft.com/security/updates/bulletins/200908.aspx</a></div><span class="text-base">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update Web site now:<br/><div class="indent"><a href="http://update.microsoft.com/microsoftupdate/" id="kb-link-3" target="_self">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals: <div class="indent"><a href="http://www.microsoft.com/technet/security/bulletin/ms09-037.mspx" id="kb-link-4" target="_self">http://www.microsoft.com/technet/security/bulletin/ms09-037.mspx</a></div></li></ul><span><h3 class="sbody-h3">How to obtain help and support for this security update</h3> <br/>Help installing updates: <br/><a href="https://support.microsoft.com/ph/6527" id="kb-link-5" target="_self">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href="http://technet.microsoft.com/security/bb980617.aspx" id="kb-link-6" target="_self">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your computer that is running Windows from viruses and malware:<br/><a href="https://support.microsoft.com/contactus/cu_sc_virsec_master" id="kb-link-7" target="_self">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href="https://support.microsoft.com/common/international.aspx" id="kb-link-8" target="_self">International Support</a><br/><br/></span></div><h2>More Information</h2><div class="kb-moreinformation-section section"><h3 class="sbody-h3">Known issues with this security update</h3><ul class="sbody-free_list"><li>After you install this security update, some applications that use the Microsoft Office Document Imaging (MODI) viewer control stop working.<br/><br/><span>For more information about how to resolve this issue, click the following article number to view the article in the Microsoft Knowledge Base:<br/><div class="indent"><a href="https://support.microsoft.com/en-us/help/978153" id="kb-link-9">978153 </a>Description of the Office 2003 hotfix package (Mdivwctl.msp): December 15, 2009<br/></div></span></li></ul></div><h2>FILE INFORMATION</h2><div class="kb-moreinformation-section section"><span>The English (United States) version of this security update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the <strong class="uiterm">Time Zone</strong> tab in the <strong class="uiterm">Date and Time</strong> item in Control Panel. </span><h4 class="sbody-h4">For all supported editions of Microsoft Windows 2000 Service Pack 4</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.0.9794.0</td><td class="sbody-td">05-Aug-2009</td><td class="sbody-td">17:34</td><td class="sbody-td">90,164</td></tr></table></div><h3 class="sbody-h3">Windows XP and Windows Server 2003 file information notes</h3><br/><ul class="sbody-free_list"><li> The files that apply to a specific milestone (RTM, SP<strong class="sbody-strong">n</strong>) and service branch (QFE, GDR) are noted in the "SP requirement” and "Service branch" columns. <br/></li><li>GDR service branches contain only those fixes that are widely released to address widespread, critical issues. QFE service branches contain hotfixes in addition to widely released fixes.</li><li> In addition to the files that are listed in these tables, this software update also installs an associated security catalog file (KB<strong class="sbody-strong">number</strong>.cat) that is signed with a Microsoft digital signature. <br/></li></ul><h4 class="sbody-h4">For all supported x86-based versions of Windows XP Service Pack 2 and Windows XP Service Pack 3</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">18:55</td><td class="sbody-td">58,880</td><td class="sbody-td">SP2GDR</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">18:43</td><td class="sbody-td">58,880</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">19:01</td><td class="sbody-td">58,880</td><td class="sbody-td">SP3GDR</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">19:25</td><td class="sbody-td">58,880</td><td class="sbody-td">SP3QFE</td></tr></table></div><h4 class="sbody-h4">For all supported x86-based versions of Windows Server 2003 Service Pack 2 </h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">18:46</td><td class="sbody-td">62,976</td><td class="sbody-td">SP2GDR</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">19:08</td><td class="sbody-td">62,976</td><td class="sbody-td">SP2QFE</td></tr></table></div><h4 class="sbody-h4">For all supported x64-based versions of Windows Server 2003 Service Pack 2 and of Windows XP Professional x64 edition Service Pack 2</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">CPU</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:54</td><td class="sbody-td">98,816</td><td class="sbody-td">X64</td><td class="sbody-td">SP2GDR</td></tr><tr class="sbody-tr"><td class="sbody-td">watl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:54</td><td class="sbody-td">62,976</td><td class="sbody-td">X86</td><td class="sbody-td">SP2GDR\wow</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:50</td><td class="sbody-td">98,816</td><td class="sbody-td">X64</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">watl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:50</td><td class="sbody-td">62,976</td><td class="sbody-td">X86</td><td class="sbody-td">SP2QFE\wow</td></tr></table></div><h4 class="sbody-h4">For all supported IA-64-based versions of Windows Server 2003</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">CPU</th><th class="sbody-th">Service branch</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:53</td><td class="sbody-td">201,728</td><td class="sbody-td">IA-64</td><td class="sbody-td">SP2GDR</td></tr><tr class="sbody-tr"><td class="sbody-td">watl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:53</td><td class="sbody-td">62,976</td><td class="sbody-td">X86</td><td class="sbody-td">SP2GDR\wow</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:49</td><td class="sbody-td">201,728</td><td class="sbody-td">IA-64</td><td class="sbody-td">SP2QFE</td></tr><tr class="sbody-tr"><td class="sbody-td">watl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">18-Jul-2009</td><td class="sbody-td">18:49</td><td class="sbody-td">62,976</td><td class="sbody-td">X86</td><td class="sbody-td">SP2QFE\wow</td></tr></table></div><h3 class="sbody-h3">Windows Vista and Windows Server 2008 file information notes</h3><h4 class="sbody-h4">For all supported x86-based versions of Windows Server 2008 and of Windows Vista</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">Path</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:52</td><td class="sbody-td">71,680</td><td class="sbody-td">Windows6.0-KB973507-x86\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6000.16889_none_a8ec88265cc499db</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:39</td><td class="sbody-td">71,680</td><td class="sbody-td">Windows6.0-KB973507-x86\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6000.21088_none_a974fcc975e35390</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:35</td><td class="sbody-td">71,680</td><td class="sbody-td">Windows6.0-KB973507-x86\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.18293_none_aac1f52459f8aeb3</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:24</td><td class="sbody-td">71,680</td><td class="sbody-td">Windows6.0-KB973507-x86\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.22474_none_ab6233f773052d19</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">13:54</td><td class="sbody-td">71,680</td><td class="sbody-td">Windows6.0-KB973507-x86\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.18070_none_acbb07ec57117d17</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:15</td><td class="sbody-td">71,680</td><td class="sbody-td">Windows6.0-KB973507-x86\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.22179_none_ad4da751702700f0</td></tr></table></div><h4 class="sbody-h4">For all supported x64-based versions of Windows Server 2008 and of Windows Vista</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">CPU</th><th class="sbody-th">Path</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">15:07</td><td class="sbody-td">88,576</td><td class="sbody-td">X64</td><td class="sbody-td">Windows6.0-KB973507-x64\amd64_microsoft-windows-atl_31bf3856ad364e35_6.0.6000.16889_none_050b23aa15220b11</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">15:11</td><td class="sbody-td">88,576</td><td class="sbody-td">X64</td><td class="sbody-td">Windows6.0-KB973507-x64\amd64_microsoft-windows-atl_31bf3856ad364e35_6.0.6000.21088_none_0593984d2e40c4c6</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">15:00</td><td class="sbody-td">88,576</td><td class="sbody-td">X64</td><td class="sbody-td">Windows6.0-KB973507-x64\amd64_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.18293_none_06e090a812561fe9</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:35</td><td class="sbody-td">88,576</td><td class="sbody-td">X64</td><td class="sbody-td">Windows6.0-KB973507-x64\amd64_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.22474_none_0780cf7b2b629e4f</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:14</td><td class="sbody-td">88,576</td><td class="sbody-td">X64</td><td class="sbody-td">Windows6.0-KB973507-x64\amd64_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.18070_none_08d9a3700f6eee4d</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:05</td><td class="sbody-td">88,576</td><td class="sbody-td">X64</td><td class="sbody-td">Windows6.0-KB973507-x64\amd64_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.22179_none_096c42d528847226</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:52</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-x64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6000.16889_none_a8ec88265cc499db</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:39</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-x64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6000.21088_none_a974fcc975e35390</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:35</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-x64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.18293_none_aac1f52459f8aeb3</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:24</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-x64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.22474_none_ab6233f773052d19</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">13:54</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-x64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.18070_none_acbb07ec57117d17</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:15</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-x64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.22179_none_ad4da751702700f0</td></tr></table></div><h4 class="sbody-h4">For all supported IA-64-based versions of Windows Server 2008</h4><div class="table-responsive"><table class="sbody-table table"><tr class="sbody-tr"><th class="sbody-th">File Name</th><th class="sbody-th">Version</th><th class="sbody-th">Date</th><th class="sbody-th">Time</th><th class="sbody-th">Size</th><th class="sbody-th">CPU</th><th class="sbody-th">Path</th></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:28</td><td class="sbody-td">215,552</td><td class="sbody-td">IA-64</td><td class="sbody-td">Windows6.0-KB973507-ia64\ia64_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.18293_none_aac3991a59f6b7af</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:32</td><td class="sbody-td">215,552</td><td class="sbody-td">IA-64</td><td class="sbody-td">Windows6.0-KB973507-ia64\ia64_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.22474_none_ab63d7ed73033615</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">13:53</td><td class="sbody-td">215,552</td><td class="sbody-td">IA-64</td><td class="sbody-td">Windows6.0-KB973507-ia64\ia64_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.18070_none_acbcabe2570f8613</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">13:59</td><td class="sbody-td">215,552</td><td class="sbody-td">IA-64</td><td class="sbody-td">Windows6.0-KB973507-ia64\ia64_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.22179_none_ad4f4b47702509ec</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:35</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-ia64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.18293_none_aac1f52459f8aeb3</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:24</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-ia64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6001.22474_none_ab6233f773052d19</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">13:54</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-ia64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.18070_none_acbb07ec57117d17</td></tr><tr class="sbody-tr"><td class="sbody-td">atl.dll</td><td class="sbody-td">3.5.2284.2</td><td class="sbody-td">17-Jul-2009</td><td class="sbody-td">14:15</td><td class="sbody-td">71,680</td><td class="sbody-td">X86</td><td class="sbody-td">Windows6.0-KB973507-ia64\x86_microsoft-windows-atl_31bf3856ad364e35_6.0.6002.22179_none_ad4da751702700f0</td></tr></table></div></div></body></html>