Home     Products      Support      Corporate     Sign In 
Support Knowledge Base, Article 1331
Product
XFile
Version
2.4.2 and earlier
Title
SoftArtisans Response to Microsoft Security Bulletin MS09-035 - Vulnerabilities in Visual Studio ATL
Problem
SoftArtisans XFile version 2.4.2 and earlier is exposed to the ATL security vulnerabilities described in the Microsoft Security Bulletin MS09-035
Solution
On July 28, 2009 Microsoft published the following security bulletin indicating several vulnerabilities in the public versions of the Microsoft Active Template Library (ATL) included with Visual Studio:

Microsoft Security Bulletin MS09-035 - Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution

These vulnerabilities could result in information disclosure or remote code execution attacks for controls and components built using vulnerable versions of the ATL.

SoftArtisans XFile version 2.4.2 (both SE and EE), and earlier versions, was built using a version of ATL that contains these vulnerabilities.

SoftArtisans has resolved these reported security issues in version 2.5.0 of XFile. We strongly recommend our customers to upgrade to version 2.5.0 or above.

Note: The Standard edition of XFile (XFileSE) version 2.5.0 can be obtained either separately or as part of FileUp Professional Edition version 5.3.0. The Enterprise edition of XFile (XFileEE) version 2.5.0 ships only with FileUp Enterprise Edition version 5.3.0.
Created : 1/20/2010 1:19:38 PM (last modified : 1/20/2010 1:19:38 PM)
Rate this article!
Comments