Hi, Thanks for posting here. In order to repair the security flaw, please refer to the Security Bulletin of MS09-035. Microsoft Security Bulletin MS09-035 http://technet.microsoft.com/en-us/security/bulletin/MS09-035 Please check the article and install the related patches to fix this security flaw. Hope it helps. Best Regards, Aiden Aiden Cao TechNet Community Support

MS09-035: Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability CVE-2009-2493 MS09-035: Microsoft Visual Studio ATL Null String Remote Code Execution Vulnerability CVE-2009-2495 MS09-035: Microsoft Visual Studio ATL Uninitialized Object Remote Code Execution Vulnerability CVE-2009-0901 All three of these vulnerabilities are appearing on a lot of server scans for an organization. I attempt to patch them by using the Microsoft Visual C++ 2005 Release Redistributable Package because it worked for me before, but this is no longer effective. Also, when doing the vulnerability scan, the application Visual Studios isn't always listed, sometimes it is only C++ 2005, any help on how to make these disappear would be greatly appreciated.

Hi, Thanks for posting here. In order to repair the security flaw, please refer to the Security Bulletin of MS09-035. Microsoft Security Bulletin MS09-035 http://technet.microsoft.com/en-us/security/bulletin/MS09-035 Please check the article and install the related patches to fix this security flaw. Hope it helps. Best Regards, Aiden Aiden Cao TechNet Community Support