On Tuesday, July 28, 2009, Microsoft has released two Out-of-Band Security Bulletins, M.S.09-034 and M.S.09-035, that address Vulnerabilities in the Visual Studio Active Template Library (A.T.L.) and Internet Explorer. Also, Internet Explorer has been Updated with Defense-in-Depth Security Measures to aid in combating the Exploitation of the A.T.L. issues.

The A.T.L.-based issues affect developers who have compiled applications using specific Components or Controls. Therefore, to appropriately address any Vulnerabilities, Visual Studio must be Updated and the associated software must be re-built and re-distributed to users.

Patches, Workarounds, and Mitigating Strategies can be found in the associated Microsoft Bulletins:

Microsoft Security Bulletin MS09-034:
http://www.microsoft.com/technet/security/Bulletin/MS09-034.mspx.  

Microsoft Security Bulletin MS09-035:
http://www.microsoft.com/technet/security/Bulletin/MS09-035.mspx.