The security update addresses the vulnerabilities by correcting the manner in which ATL handles the instantiation of objects from data streams, providing updated versions of the affected components and controls built using corrected ATL headers. For more information on the software affected by this update, see the subsection, Affected and Non-Affected Software, in this section. This security update is rated Critical for all supported editions of Microsoft Outlook 2002, Microsoft Office Outlook 2003, Microsoft Office Outlook 2007, Microsoft Visio 2002 Viewer, Microsoft Office Visio 2003 Viewer, and Microsoft Office Visio Viewer 2007. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerabilities could allow remote code execution if a user loaded a specially crafted component or control. This security update resolves several privately reported vulnerabilities in ActiveX Controls for Microsoft Office that were compiled with a vulnerable version of Microsoft Active Template Library (ATL). Version: 1.5 General Information Executive Summary Published: Octo| Updated: February 17, 2010 ![]() Security Bulletin Microsoft Security Bulletin MS09-060 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |