Microsoft has published information on a security vulnerability with their Active Template Library (ATL). Microsoft Visual C++ 2005 Redistributable Package SP1 and Versions 7.0, 7.1, 8.0, and 9.0 of the Active Template Library are affected by these vulnerabilities.This installation is identified in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035 - (Moderate) as being a risk. Is Archive Manager code affected by this as installation of the C++ Redistributable is necessary.
See Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035 http://www.microsoft.com/technet/security/advisory/973882.mspx
STATUS: ATL was/is used by the Offline Client application. We�??ve implemented steps to be shipping all new (patched by Microsoft) vc redist packages with our products.
WORKAROUND: If you have updated your servers with the new versions of vc redist (2005 and 2008), everything should be okay. From 4.1.1 forward we have compiled to the new libraries from Microsoft. Previous versions of Archive Manager who utilize the Offline Client should be upgraded to the latest version of Archive Manager.