Article ID: 973908 - Last Review: September 9, 2009 - Revision: 2.0

MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) could allow remote code execution

View products that this article applies to.

INTRODUCTION

Microsoft has released security bulletin MS09-037. To view the complete security bulletin, visit one of the following Microsoft Web sites:

Home users:
http://www.microsoft.com/security/updates/bulletins/200908.aspx (http://www.microsoft.com/security/updates/bulletins/200908.aspx)
Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:
http://update.microsoft.com/microsoftupdate (http://update.microsoft.com/microsoftupdate)
IT professionals:
http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx (http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx)

Back to the top

How to obtain help and support for this security update

For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for support issues with security updates, visit the Microsoft International Support Web site:

http://support.microsoft.com/common/international.aspx?rdpath=4 (http://support.microsoft.com/common/international.aspx?rdpath=4)

North American customers can also obtain instant access to unlimited no-charge e-mail support or to unlimited individual chat support by visiting the following Microsoft Web site:

http://support.microsoft.com/oas/default.aspx?&prid=7552 (http://support.microsoft.com/oas/default.aspx?&prid=7552)

For enterprise customers, support for security updates is available through your usual support contacts.

Back to the top

MORE INFORMATION

Known issues and additional information about this security update

For more information about this security update and for information about any known issues with specific releases of this software, click the following article number to view the article in the Microsoft Knowledge Base:

973354 (http://support.microsoft.com/kb/973354/ ) MS09-037: Description of the security update for Outlook Express: August 11, 2009

973507 (http://support.microsoft.com/kb/973507/ ) MS09-037: Description of the security update for the Active Template Library: August 11, 2009

973540 (http://support.microsoft.com/kb/973540/ ) MS09-037: Description of the security update for Windows Media Player: August 11, 2009

973815 (http://support.microsoft.com/kb/973815/ ) MS09-037: Description of the security update for Microsoft MSWebDVD ActiveX Control in Windows XP and Windows Server 2003: August 11, 2009

973869 (http://support.microsoft.com/kb/973869/ ) MS09-037: Description of the security update for the DHTML editing component ActiveX control: August 11, 2009

973768 (http://support.microsoft.com/kb/973768/ ) MS09-037: Description of the security update for Microsoft HtmlInput Object ActiveX Control in Windows XP Media Center Edition, Windows Vista, and Windows Server 2008: August 11, 2009

Back to the top

APPLIES TO

Windows Server 2008 Datacenter without Hyper-V
Windows Server 2008 Enterprise without Hyper-V
Windows Server 2008 for Itanium-Based Systems
Windows Server 2008 Standard without Hyper-V
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Windows Web Server 2008
Windows Vista Service Pack 1, when used with:

Windows Vista Business
Windows Vista Enterprise
Windows Vista Home Basic
Windows Vista Home Premium
Windows Vista Starter
Windows Vista Ultimate
Windows Vista Enterprise 64-bit Edition
Windows Vista Home Basic 64-bit Edition
Windows Vista Home Premium 64-bit Edition
Windows Vista Ultimate 64-bit Edition
Windows Vista Business 64-bit Edition

Microsoft Windows Server 2003 Service Pack 2, when used with:

Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems

Microsoft Windows XP Service Pack 2, when used with:

Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Microsoft Windows XP Service Pack 3, when used with:

Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Microsoft Windows 2000 Service Pack 4, when used with:

Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional Edition
Microsoft Windows 2000 Server

Back to the top

atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability kbsurveynew KB973908

Back to the top

MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) could allow remote code execution

On This Page

INTRODUCTION

How to obtain help and support for this security update

MORE INFORMATION

Known issues and additional information about this security update

APPLIES TO

Keywords:

Provide feedback on this information

Get Help Now

Article Translations

Related Support Centers

Page Tools

Get Help Now