Jump to content

This is a ready-only archive of the InstallSite Forum. You cannot post any new content here. / Dies ist ein Archiv des InstallSite Forums. Hier können keine neuen Beiträge veröffentlicht werden.

MSCOMCTL.OCX security update

No replies to this topic

Stefan Krueger

Stefan Krueger


  • Administrators
  • 13,269 posts

Posted 15 August 2012 - 13:10

Microsoft released a critical security update for MSCOMCTL.OCX. Windows Update will replace the vulnerable version of the ActiveX control that shipped with various Microsoft products (Office, SQL Server, etc.). But if you installed a private copy of this file in your application folder, it will not be replaced by Windows Update. Instead, you should send an update to your customers, as noted in the FAQ section of Microsoft Security Bulletin MS12-060:

I am a third-party application developer and I use the ActiveX control in my application. Is my application vulnerable and how do I update it?
Developers who redistribute the ActiveX control should ensure that they update the version of the ActiveX control installed with their application by downloading the update provided in this bulletin. For more information on best practices on redistributed component use, please see Microsoft Knowledge Base Article 835322 and Isolated Applications and Side-by-side Assemblies.