MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) could allow remote code execution

<html><body><p>Resolves vulnerabilities in ATL that could allow remote code execution if a user loaded a specially crafted component or control hosted on a malicious website.</p><h2></h2><div><span>Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you’re running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: <a href=“http://windows.microsoft.com/en-us/windows/help/end-support-windows-xp-sp2-windows-vista-without-service-packs” target=“_self”>Support is ending for some versions of Windows</a></span>.</div><h2>INTRODUCTION</h2><div>Microsoft has released security bulletin MS09-037. To view the complete security bulletin, visit one of the following Microsoft Web sites:<br /><br /><ul><li>Home users:<br /><br /><div><a href=“http://www.microsoft.com/security/updates/bulletins/200908.aspx” target=“_self”>http://www.microsoft.com/security/updates/bulletins/200908.aspx</a></div><span>Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update Web site now:<br /><div><a href=“http://update.microsoft.com/microsoftupdate” target=“_self”>http://update.microsoft.com/microsoftupdate</a></div></li><li>IT professionals:<br /><br /><div><a href=“http://www.microsoft.com/technet/security/bulletin/ms09-037.mspx” target=“_self”>http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx</a></div></li></ul><span><h3>How to obtain help and support for this security update</h3> <br />Help installing updates: <br /><a href=“https://support.microsoft.com/ph/6527” target=“_self”>Support for Microsoft Update</a><br /><br />Security solutions for IT professionals: <br /><a href=“http://technet.microsoft.com/security/bb980617.aspx” target=“_self”>TechNet Security Troubleshooting and Support</a><br /><br />Help protect your computer that is running Windows from viruses and malware:<br /><a href=“https://support.microsoft.com/contactus/cu_sc_virsec_master” target=“_self”>Virus Solution and Security Center</a><br /><br />Local support according to your country: <br /><a href=“https://support.microsoft.com/common/international.aspx” target=“_self”>International Support</a><br /><br /></span></div><h2>More Information</h2><div><h3>Known issues and additional information about this security update</h3><span>For more information about this security update and for information about any known issues with specific releases of this software, click the following article number to view the article in the Microsoft Knowledge Base:<br /><br /><div><a href=“https://support.microsoft.com/en-us/help/973354”>973354 </a> MS09-037: Description of the security update for Outlook Express: August 11, 2009<br /><br /></div></span><span><div><a href=“https://support.microsoft.com/en-us/help/973507”>973507 </a> MS09-037: Description of the security update for the Active Template Library: August 11, 2009<br /><br /></div></span><span><div><a href=“https://support.microsoft.com/en-us/help/973540”>973540 </a> MS09-037: Description of the security update for Windows Media Player: August 11, 2009<br /><br /></div></span><span><div><a href=“https://support.microsoft.com/en-us/help/973815”>973815 </a> MS09-037: Description of the security update for Microsoft MSWebDVD ActiveX Control in Windows XP and Windows Server 2003: August 11, 2009<br /><br /></div></span><span><div><a href=“https://support.microsoft.com/en-us/help/973869”>973869 </a> MS09-037: Description of the security update for the DHTML editing component ActiveX control: August 11, 2009<br /><br /></div></span><span><div><a href=“https://support.microsoft.com/en-us/help/973768”>973768 </a> <br />MS09-037: Description of the security update for Microsoft HtmlInput Object ActiveX Control in Windows XP Media Center Edition, Windows Vista, and Windows Server 2008: August 11, 2009<br /></div></span></div></body></html>