InstallSite Blog - If you are redistributing MSCOMCTL.OCX you may need to contact your customers
Microsoft released a critical security update for MSCOMCTL.OCX. Windows Update will replace the vulnerable version of the ActiveX control that shipped with various Microsoft products (Office, SQL Server, etc.). But if you installed a private copy of this file in your application folder, it will not be replaced by Windows Update. Instead, you should send an update to your customers, as noted in the FAQ section of Microsoft Security Bulletin MS12-060:
I am a third-party application developer and I use the ActiveX control in my application. Is my application vulnerable and how do I update it?
Developers who redistribute the ActiveX control should ensure that they update the version of the ActiveX control installed with their application by downloading the update provided in this bulletin. For more information on best practices on redistributed component ... [GD: Click through for links]
If you're shipping this OCX, not referencing an already installed copy, but shipping your own, private version say side-by-side, etc, then you'll likely need to deploy this updated version.
No comments:
Post a Comment
NOTE: Anonymous Commenting has been turned off for a while... The comment spammers are just killing me...
ALL comments are moderated. I will review every comment before it will appear on the blog.
Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...
I reserve, and will use, the right to not approve ANY comment for ANY reason. I will not usually, but if it's off topic, spam (or even close to spam-like), inflammatory, mean, etc, etc, well... then...
Please see my comment policy for more information if you are interested.
Thanks,
Greg
PS. I am proactively moderating comments. Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...