Hi,
My team have been using Infragistics Net Advantage 2007 for .Net CLR 2.0 for the past 2 years. Recently Microsoft announced that there is a security flaw in their Active Template Library(ATL) code:
http://www.networkworld.com/news/2009/072709-microsoft-rushes-clutch-patch-for.html?page=1
http://www.microsoft.com/technet/security/bulletin/ms09-jul-ans.mspx
Does Net Advantage 2007 utilize the ATL? If so, in which components?
Any reply is appreciated as this is a hot issue inside my company right now where several .Net projects use Infragistics.
Karthik Sukumar
Karthik,
Speaking from the Windows Forms perspective and from the articles mentioned and looking into what ATL is, I don't think that you will have any issues with Infragistics components since they are written in C#, while ATL seem to be for C++ for COM interoperability. The Infragistics controls are, with the exception of needing to call Windows APIs (through PInvoke), written in managed code so I don't think that you have anything to worry about in this regard. I can't say for certain whether the Web controls utilize any of this functionality, but I would think not given the more limited trust environment and lack of need for such things.
-Matt
We are using the following component: specifically ProtoView TreeViewX v8.0 . Just wonder if it is also safe from this vulnerability.