{"id":2893,"date":"2011-06-17T07:00:00","date_gmt":"2011-06-17T07:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/vcblog\/2011\/06\/17\/update-on-bulletin-ms11-025\/"},"modified":"2019-02-18T18:44:51","modified_gmt":"2019-02-18T18:44:51","slug":"update-on-bulletin-ms11-025","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/cppblog\/update-on-bulletin-ms11-025\/","title":{"rendered":"Update on Bulletin MS11-025"},"content":{"rendered":"<p>A while back, Microsoft released <strong>security bulletin MS11-025<\/strong>, which addressed a publicly disclosed vulnerability in certain applications built using the <strong>Microsoft Foundation Class (MFC) Library<\/strong>. The vulnerability could allow remote code execution if a user opens a legitimate file associated with an affected application and that file is located in the same network folder as a specially crafted library file.<\/p>\n<p>Soon after the release, we discovered some issues with the bulletin, some of which we talked about <a href=\"http:\/\/blogs.msdn.com\/b\/vcblog\/archive\/2011\/04\/26\/10158277.aspx\">here<\/a>. 
Microsoft has just issued an <a href=\"http:\/\/www.microsoft.com\/technet\/security\/Bulletin\/MS11-025.mspx\">update to the bulletin<\/a> that addresses the previously discussed issues and a few more:<\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li>For international customers (with localized apps), certain parts of MFC applications&rsquo; resources appeared non-localized.&nbsp; This was due to an incorrect resource loading operation in the MFC libraries.&nbsp; Specifically, the API used (FindActCtxSectionString) requires a structure to be passed in (ACTCTX_SECTION_KEYED_DATA) whose cbSize member is already initialized.&nbsp; The size was not initialized, so depending on the memory content, the API could fail.<\/li>\n<li>Some customers&rsquo; applications were broken on Windows 2000 because of the previous patch.&nbsp; This was because the fix in the patch used an API (FindActCtxSectionString) that is not supported on the Windows 2000 platform.&nbsp; The new update will not be automatically offered through Microsoft Update, but the affected customers can download it from the bulletin.<\/li>\n<li>The patch did not install for users with Windows 7 + Windows 7 SDK on the x64 architecture.<\/li>\n<li>The executable size of some applications that link to MFC statically grew when they were rebuilt using the patch.&nbsp; This was caused by the fact that some new code was placed in a source module whose object was not normally linked into an application that did not use MFC Feature Pack controls.&nbsp; When the new code was moved to a source module whose object was already being linked into a statically-linked MFC application, the extra link dependencies were eliminated and the size of the application reverted to the expected size.<\/li>\n<li>The Visual C++ 2005 SP 1 Redistributable Package revision number was smaller than that of the previous release.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>The new bulletin reoffers the update for the following products:<\/p>\n<ul>\n<li>Microsoft Visual Studio 2005 Service Pack 
1.<\/li>\n<li>Microsoft Visual Studio 2008 Service Pack 1.<\/li>\n<li>Microsoft Visual Studio 2010.<\/li>\n<li>Microsoft Visual Studio 2010&nbsp;Service Pack 1.<\/li>\n<li>Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package.<\/li>\n<li>Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Please let us know if you have any questions.<\/p>\n<p>Thank you <br \/>Visual C++ Team<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A while back Microsoft had released security bulletin MS11-025 that addressed a publicly disclosed vulnerability in certain applications built using the Microsoft Foundation Class (MFC) Library. The vulnerability could allow remote code execution if a user opens a legitimate file associated with such an affected application, and the file happened to be located in the [&hellip;]<\/p>\n","protected":false},"author":289,"featured_media":35994,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[8,10],"class_list":["post-2893","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cplusplus","tag-announcement","tag-mfc"],"acf":[],"blog_post_summary":"<p>A while back Microsoft had released security bulletin MS11-025 that addressed a publicly disclosed vulnerability in certain applications built using the Microsoft Foundation Class (MFC) Library. 
The vulnerability could allow remote code execution if a user opens a legitimate file associated with such an affected application, and the file happened to be located in the [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts\/2893","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/users\/289"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/comments?post=2893"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts\/2893\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/media\/35994"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/media?parent=2893"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/categories?post=2893"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/tags?post=2893"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}