This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released security bulletin MS08-008. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
Since Visual Basic 6.0 Service Pack 6 (SP6), the Visual Basic Package and Deployment Wizard obtains the Oleaut32.dll file from the following location:
[VB Installation Dir]\Wizards\PDWizard\Redist\
This folder contained a single copy of Oleaut32.dll, which could be used by software vendors and developers for all the operating systems that are supported by Visual Basic 6.
This security update contains multiple, operating system specific versions of the Oleaut32.dll file. The security update creates new folders under the previous Redist folder. The operating system specific versions of Oleaut32.dll are copied to these folders as follows:
Note If you have previously installed security update 924053, you already have multiple versions of Oleaut32.dll installed. In that case the only change is newer versions of the various binaries for the different operating systems. Security update 924053 is described in security bulletin MS07-043. For more information about security update 924053, click the following article number to view the article in the Microsoft Knowledge Base:
924053MS07-043: Description of security update for the Visual Basic 6.0 redistributable
Frequently asked questions (FAQ) about this update
Q1: I am a software vendor and I package and redistribute Oleaut32.dll with my application. What does this change mean for me?
A1: The change in the way that Oleaut32.dll is not shipped means that if you are a software vendor and you have to package and redistribute Oleaut32.dll in your applications, you cannot ship a single file for all target operating systems your application will run on. You will have to ship a different version of Oleaut32.dll based on the target operating system your package will be installed on.
Note We recommend that you do not obtain the copy of Oleaut32.dll from your \System32\ folder. That version has been tested to work only on that particular operating system.
For example, if the computer for which you are developing and packaging your application is running Windows XP, and you obtain the copy of Oleaut32.dll from your \System32 folder, your application will not run on anything other than Windows XP. For example, your application will not run on Windows Server 2003. Therefore, we strongly recommended that you use the following process when you package and bundle Oleaut32.dll for redistribution with your application:
Identify the version of the operating system(s) your application will run on.
Decide whether you want to build multiple packages and setups for all targeted operating systems or one single package that addresses all operating systems.
If you want to build multiple packages and setups for your application one per target operating system:
Each package and setup has to bundle up the correct version of Oleaut32.dll. The folder from which you obtain the file is decided by the operating system the particular package and setup is built for.
Make sure that the package detects the operating system at installation time and installs only when the correct operating system is detected
If you want to build a single package and setup for your application for all operating systems:
The package setup has to bundle all the different versions of Oleaut32.dll
During installation, the package and setup have to detect the targeted operating system and choose the correct copy of Oleaut32.dll to be installed.