DOCSLIB.ORG

Securview 6-0-6 Cybersecurity Product Report

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Securview 6-0-6 Cybersecurity Product Report ® SecurView 6-0-6 Cybersecurity Product Report 1. A Message to Our Customers Hologic, Inc. continues its dedication and commitment to provide the highest quality products and services to help treat your patients with the best possible experience we can offer. We at Hologic are aware of the threat malicious users and viruses pose. We want you to know about the efforts that we have put forth in evaluating the risks to our products caused by these malicious attacks and computer vulnerabilities, and the countermeasures we take to combat them. Hologic’s Response to Malicious Attacks, Viruses, and Malware Hologic recognizes the need to react quickly to new vulnerabilities that may affect your systems. Of greatest concern to us are ‘Zero Day’ exploits. These are exploits that have not yet been acknowledged by vendors (via a patch or fix method). Hologic has introduced a number of actions to deal with existing and future malicious attacks. They include: • Cybersecurity Team. This team regularly convenes to assess how recent security patch releases may affect our products. • Release of a Best Practices Guide to further minimize any harmful exposure. • On-going monitoring of the information security industry for new vulnerabilities. • Periodic Vulnerability Assessments of Hologic products. 2. Products Affected This document pertains to all SecurView 6-0-6 workstations. 3. Antivirus Protection Hologic acknowledges your concern for obtaining antivirus protection. Therefore, we have evaluated SecurView with several commercial antivirus products. Please review the ‘Antivirus installation instructions’ document specific for each product at http://www.hologic.com/product-support-link/overview/. Please contact your Hologic Customer Service Representative for assistance with installation of these products if you have any questions. Please ensure that you follow our installation and configuration guide to ensure optimal performance and security. We strongly encourage customers to use only antivirus products that we have officially validated, to ensure the continual safety and reliability of our medical related product in order to provide optimal patient care. However, if you insist on using an untested antivirus solution, you use it at your own risk. In the event of system corruption, Hologic will restore the system to the factory default state and will charge for time and materials. 4. Operating System Updates and Security Patches Hologic performs risk analysis to determine the potential consequences of published exploits. We also analyze any risk to the system from applying a security patch. Your Hologic workstation is a medical device and as such, recommended security patches are validated by Hologic for effectiveness. Only Hologic-validated security patches should be installed on your Hologic workstations. If you install these security patches, please follow MAN-01213 Rev 007, January 2011 Page 1 of 9 SecurView 6-0-6 Cybersecurity Product Report the Customer Validation Form provided to ensure the workstation operates properly after installation. Service Packs must be installed and validated by Hologic and cannot be customer validated. The security patches issued in the following Microsoft bulletins have been validated to work with SecurView 6-0-6 running on Windows XP Professional (SP3) and Windows 2003 Server Standard Edition (SP2): MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure http://www.microsoft.com/technet/security/bulletin/MS06-033.mspx MS06-056: Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure http://www.microsoft.com/technet/security/bulletin/MS06-056.mspx MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS07-040.mspx MS08-032: Cumulative Security Update of ActiveX Kill Bits http://www.microsoft.com/technet/security/bulletin/MS08-032.mspx MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service http://www.microsoft.com/technet/security/bulletin/MS08-036.mspx MS08-048: Security Update for Outlook Express and Windows Mail http://www.microsoft.com/technet/security/bulletin/MS08-048.mspx MS08-050: Vulnerability in Windows Messenger Could Allow Information Disclosure http://www.microsoft.com/technet/security/bulletin/MS08-050.mspx MS08-067: Vulnerability in Server Service Could Allow Remote Code Execution http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx MS08-069: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS08-069.mspx MS08-076: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS08-076.mspx MS09-006: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-006.mspx MS09-007: Vulnerability in SChannel Could Allow Spoofing http://www.microsoft.com/technet/security/bulletin/MS09-007.mspx MS09-010: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-010.mspx MS09-011: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-011.mspx MS09-012: Vulnerabilities in Windows Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-012.mspx MS09-013: Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-013.mspx MS09-014: Cumulative Security Update for Internet Explorer http://www.microsoft.com/technet/security/bulletin/MS09-014.mspx MS09-015: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-015.mspx MS09-020: Vulnerabilities in IIS Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-020.mspx Page 2 of 9 MAN-01213 Rev 007 SecurView 6-0-6 Cybersecurity Product Report MS09-022: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-022.mspx MS09-025: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-025.mspx MS09-026: Vulnerability in RPC Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-026.mspx MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-028.mspx MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-029.mspx MS09-032: Cumulative Security Update of ActiveX Kill Bits http://www.microsoft.com/technet/security/bulletin/MS09-032.mspx MS09-034: Cumulative Security Update for Internet Explorer http://www.microsoft.com/technet/security/bulletin/MS09-034.mspx MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-035.mspx MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-037.mspx MS09-038: Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-038.mspx MS09-041: Vulnerability in Workstation Service Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-041.mspx MS09-042: Vulnerability in Telnet Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-042.mspx MS09-044: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-044.mspx MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-045.mspx MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-046.mspx MS09-047: Vulnerabilities in Windows Media Format Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-047.mspx MS09-051: Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-051.mspx MS09-052: Vulnerability in Windows Media Player Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-052.mspx MS09-054: Cumulative Security Update for Internet Explorer http://www.microsoft.com/technet/security/bulletin/MS09-054.mspx MS09-055: Cumulative Security Update of ActiveX Kill Bits http://www.microsoft.com/technet/security/bulletin/MS09-055.mspx MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing http://www.microsoft.com/technet/security/bulletin/MS09-056.mspx MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution http://www.microsoft.com/technet/security/bulletin/MS09-057.mspx MAN-01213 Rev 007 Page 3 of 9 SecurView 6-0-6 Cybersecurity Product Report MS09-058: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege http://www.microsoft.com/technet/security/bulletin/MS09-058.mspx MS09-059: Vulnerability in Local Security
Load more

Recommended publications
  • SLDXA /T /L1 – SLX Component List
    SLDXA /T /L1 – SLX Component List SLDXA.exe ver 1.0 Copyright (c) 2004-2006 SJJ Embedded Micro Solutions, LLC All Rights Reserved SLXDiffC.exe ver 2.0 / SLXtoTXTC.exe ver 2.0 www.sjjmicro.com Processing... File1 to TXT file. Opening XSL File Reading RTF for final conversion F:\SLXTEST\LOCKDOWN_DEMO2.SLX has the following Components Total Count is: 577 -------------------------------------------------- .NET Framework 1.1 - Security Update KB887998 Accessibility Control Panel Accessibility Core ACPI Fixed Feature Button Active Directory Service Interface (ADSI) Core Active Directory Service Interface (ADSI) LDAP Provider Active Directory Service Interface (ADSI) Windows NT Provider Active Template Library (ATL) Add Hardware Control Panel Add/Remove Programs Control Panel Administration Support Tools Administrator Account Advanced Configuration and Power Interface (ACPI) PC Analog TV Application Compatibility Core Audio Codecs Audio Control Panel Base Component Base Performance Counters Base Support Binaries CD-ROM Drive Certificate Request Client & Certificate Autoenrollment Certificate User Interface Services Class Install Library - Desk Class Install Library - Mdminst Class Install Library - Mmsys Class Install Library - Msports Class Install Library - Netcfgx Class Install Library - Storprop Class Install Library - System Devices Class Installer - Computer Class Installer - Disk drives Class Installer - Display adapters Class Installer - DVD/CD-ROM drives Class Installer - Floppy disk controllers Class Installer - Floppy disk drives
    [Show full text]
  • Activex Interface for Objectstore
    ACTIVEX INTERFACE FOR OBJECTSTORE RELEASE 3.0 March 1998 ActiveX Interface for ObjectStore Release 3.0, March 1998 ObjectStore, Object Design, the Object Design logo, LEADERSHIP BY DESIGN, and Object Exchange are registered trademarks of Object Design, Inc. ObjectForms and Object Manager are trademarks of Object Design, Inc. Microsoft is a registered trademark and Windows, Windows NT, OLE, and ActiveX are trademarks of Microsoft Corporation. All other trademarks are the property of their respective owners. Copyright © 1989 to 1998 Object Design, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher. COMMERCIAL ITEM — The Programs are Commercial Computer Software, as defined in the Federal Acquisition Regulations and Department of Defense FAR Supplement, and are delivered to the United States Government with only those rights set forth in Object Design’s software license agreement. Data contained herein are proprietary to Object Design, Inc., or its licensors, and may not be used, disclosed, reproduced, modified, performed or displayed without the prior written approval of Object Design, Inc. This document contains proprietary Object Design information and is licensed for use pursuant to a Software License Services Agreement between Object Design, Inc., and Customer. The information in this document is subject to change without notice. Object Design, Inc., assumes no responsibility for any errors that may appear in this document. Object Design, Inc.
    [Show full text]
  • Programming with Windows Forms
    A P P E N D I X A ■ ■ ■ Programming with Windows Forms Since the release of the .NET platform (circa 2001), the base class libraries have included a particular API named Windows Forms, represented primarily by the System.Windows.Forms.dll assembly. The Windows Forms toolkit provides the types necessary to build desktop graphical user interfaces (GUIs), create custom controls, manage resources (e.g., string tables and icons), and perform other desktop- centric programming tasks. In addition, a separate API named GDI+ (represented by the System.Drawing.dll assembly) provides additional types that allow programmers to generate 2D graphics, interact with networked printers, and manipulate image data. The Windows Forms (and GDI+) APIs remain alive and well within the .NET 4.0 platform, and they will exist within the base class library for quite some time (arguably forever). However, Microsoft has shipped a brand new GUI toolkit called Windows Presentation Foundation (WPF) since the release of .NET 3.0. As you saw in Chapters 27-31, WPF provides a massive amount of horsepower that you can use to build bleeding-edge user interfaces, and it has become the preferred desktop API for today’s .NET graphical user interfaces. The point of this appendix, however, is to provide a tour of the traditional Windows Forms API. One reason it is helpful to understand the original programming model: you can find many existing Windows Forms applications out there that will need to be maintained for some time to come. Also, many desktop GUIs simply might not require the horsepower offered by WPF.
    [Show full text]
  • Acronyms PLUS+
    6.27.14 Acronyms PLUS+ #AXUG Twitter Handle for AXUG #AXUGSummit Twitter Handle for AXUG Summit #MSDYNAX Twitter Handle for Microsoft Dynamics AX AA Analytical Accounting ACH Automated Clearing House is a secure payment transfer system that connects all U.S. financial institutions AD Active Directory ADFS Active Directory Federated Services AIF Application Integration Framework AOS Application Object Server AOT Application Object Tree AP Accounts Payable APS Advanced Planning and Scheduling System AR Accounts Receivable AS Authentication Service ASP Active Server Pages OR Application Service Provider ATL Active Template Library AXPC Dynamics AX Parnter Connections Group, now moving to DPC AXUG Dynamics AX Users Group BI Business Intelligence BIDS Business Intelligence Development Studio BOM Bill of Materials BOO Bill of Operations BP Business Portal BPOS Business Productivity Online Standard Suite BRAP Business Ready Advantage Plan BRL Business Ready Licensing B2B Business To Business B/S Balance Sheet CAL Client Access License CAS Code Access Security CfMD Certified for Microsoft Dynamics CFS Critical Success Factor CMS Content Management Server CoA Chart of Accounts CRM Customer Relationship Management CRMUG Dynamics CRM Users Group CRP Capacity Requirements Planning CRP Conference Room Pilot CTRL Control Button on your computer DCI Dynamic Communities, Inc. DCO Dynamics Client for Office DCOM Distributed Component Object Model DDE Dynamic Data Exchange DDV Drill Down Viewer DPC Dynamics Partner Connections EAI Enterprise Application
    [Show full text]
  • Special Characters Numbers
    Index ■Special Characters AddServiceEndpoint( ) member, ServiceHost type, #define, preprocessor directive, 317–319 1032 #elif, preprocessor directive, 317–318 ADO.NET #else, preprocessor directive, 317–318 additional namespaces, 763–764 #endif, preprocessor directive, 317–318 vs. ADO classic, 759–760 #endregion, preprocessor directive, 317 application configuration files, 769–770 #if, preprocessor directive, 317–318 asynchronous data access, 792–793 #region, preprocessor directive, 317 autogenerated data components, 824–825 #undef, preprocessor directive, 317–319 autogenerating SQL commands, 816–817 % modulo operator, C#, 1097 autoincrementing, 797 & operator, pointer types, 312–313 binding DataTables to user interfaces, 804, 806 * operator, pointer types, 312–313 Command object, 781–782 ?? operator, 133 connected layer, 778 += operator, 610 connected vs. disconnected layer, 760 <%@Page%> directive attribute, ASP.NET, 846 connecting to database, Visual Studio 2005, 776 <%Import%> directive, ASP.NET, 846–847 connection objects, 779–780 => token, 1098 ConnectionStringBuilder object, 780–781 ? suffix, nullable types, 131 connectionStrings element, application configuration, 774–775 ■Numbers data access libraries, 1130 data adapter objects, 811–812 3D graphics graphical service, WPF, 1012 data providers, 760, 762 3D rendered animation, 970 data wizards, 822–825 100% code approach, 1048 DataColumn objects, 796, 798 ■ DataRelation objects, 817–820 A DataRow objects, 798–799, 801 A# programming language, 8 DataRow.RowState property, 799–800 Abort(
    [Show full text]
  • Windows CE 6.0 Run-Time Comparison
    Denotes New Item Core Catalog Core Professional Plus Applications - End User ActiveSync File Sync Inbox Sync Pocket Outlook Database Sync CAB File Installer/Uninstaller Games Freecell Solitaire Help Remote Desktop Connection Remote Desktop Protocol (RDP) Audio Playback Redirection Cut/Copy/Paste Clipboard Redirection File Storage Redirection Filtered File Storage Redirection License Information Printer Redirection Serial and Parallel Port Redirection Smart Card Redirection User Interface Dialog Boxes Windows Network Projector Sample Network Projector Terminal Emulator Windows Messenger WordPad Applications and Services Development .NET Compact Framework 2.0 .NET Compact Framework 2.0 .NET Compact Framework 2.0 String Resources .Net Compact Framework 2.0 Localized String Resources String Resources Chinese(PRC) String Resources Chinese(Taiwan) String Resources French(France) String Resources German(Germany) String Resources Italian(Italy) String Resources Japanese(Japan) String Resources Korean(Korea) String Resources Portuguese(Brazil) String Resources Spanish(International Sort) .NET Compact Framework 2.0 - Headless .NET Compact Framework 2.0 String Resources - Headless .Net Compact Framework 2.0 Localized String Resources - Headless String Resources Chinese(PRC) – Headless String Resources Chinese(Taiwan) – Headless String Resources French(France) – Headless String Resources German(Germany) – Headless String Resources Italian(Italy) – Headless String Resources Japanese(Japan) – Headless String Resources Korean(Korea) – Headless String
    [Show full text]
  • Benjamin Eugene Key's Resume
    Benjamin Eugene Key's Resume Benjamin Eugene Key 12343 Hunters Chase Dr. Apt 826 Austin, Texas 78729-7217 Home: (512) 250-2239 Mobile: (512) 773-0652 E-Mail: [email protected] Summary A dedicated, self-motivated, and self-taught Software Engineer with demonstrated suc­ cess in the design and development of Assistive Technology applications for Microsoft Windows operating systems. Sixteen years of experience in developing software using C++ and a deep understanding of using object-oriented design principles. Proven problem-solving skills. Proven ability to acquire knowledge about new concepts independently in a short amount of time. Qualifications Programming Languages • C++17 • C++14 • C++11 • C++ • C# • Python • JAWS Scripting Language 1 Markup Languages • HTML 5 • HTML 4 • CSS • Markdown APIs, Frameworks, and Libraries • Win32 API (Windows Application Programming Interface) • STL (Standard Template Library) • MFC (Microsoft Foundation Class Library) • ATL (Active Template Library) • WTL (Windows Template Library) • Boost C++ Libraries • COM (Component Object Model) • MSAA (Microsoft Active Accessibility) • Microsoft SAPI (Speech Application Programming Interface) 4 • Microsoft SAPI 5 • Microsoft Speech Platform 11 • Vocalizer Expressive by Nuance Applications • Microsoft Visual Studio 2017 • Microsoft Visual Studio 2015 • Microsoft Visual Studio 2013 • Microsoft Visual Studio 2010 • Microsoft Visual Studio 2005 • Microsoft Visual Studio 2003 • Microsoft Visual C++ 6 • Microsoft Embedded Visual C++ 4.0 • Perforce • BugZilla • Defect
    [Show full text]
  • Windows Embedded CE Operating System Components
    Windows Embedded CE Operating System Components Core Catalog Core C6G** Professional Plus Applications - End User ActiveSync File Sync Inbox Sync Pocket Outlook Database Sync CAB File Installer/Uninstaller Games Freecell Solitaire Help Remote Desktop Connection Remote Desktop Protocol (RDP) Audio Playback Redirection Cut/Copy/Paste Clipboard Redirection File Storage Redirection Filtered File Storage Redirection License Information Printer Redirection Serial and Parallel Port Redirection Smart Card Redirection User Interface Dialog Boxes Window s Netw ork Projector Sample Netw ork Projector Terminal Emulator Windows Messenger WordPad PRO version Applications and Services Development .NET Compact Framew ork 2.0 .NET Compact Framew ork 2.0 .NET Compact Framew ork 2.0 String Resources .Net Compact Framework 2.0 Localized String Resources String Resources Chinese(PRC) String Resources Chinese(Taiw an) String Resources French(France) String Resources German(Germany) String Resources Italian(Italy) String Resources Japanese(Japan) String Resources Korean(Korea) String Resources Portuguese(Brazil) String Resources Spanish(International Sort) .NET Compact Framew ork 2.0 - Headless .NET Compact Framew ork 2.0 String Resources - Headless .Net Compact Framework 2.0 Localized String Resources - Headless String Resources Chinese(PRC) – Headless String Resources Chinese(Taiw an) – Headless String Resources French(France) – Headless String Resources German(Germany) – Headless String Resources Italian(Italy) – Headless String Resources Japanese(Japan)
    [Show full text]
  • S Security Patches for January 2021 Fix 83 Security Vulnerabilities
    Microsoft's Security Patches for January 2021 Fix 83 Security Vulnerabilities Overview Microsoft released January 2021 security updates on Tuesday which fix 83 vulnerabilities ranging from simple spoofing attacks to remote code execution in various products, including .NET Repository, ASP.NET core & .NET core, Azure Active Directory Pod Identity, Microsoft Bluetooth Driver, Microsoft DTV-DVD Video Decoder, Microsoft Edge (HTML-based), Microsoft Graphics Component, Microsoft Malware Protection Engine, Microsoft Office, Microsoft Office SharePoint, Microsoft RPC, Microsoft Windows, Microsoft Windows Codecs Library, Microsoft Windows DNS, SQL Server, Visual Studio, Windows AppX Deployment Extensions, Windows CryptoAPI, Windows CSC Service, Windows Diagnostic Hub, Windows DP API, Windows Event Logging Service, Windows Event Tracing, Windows Hyper-V, Windows Installer, Windows Kernel, Windows Media, Windows NTLM, Windows Print Spooler Components, Windows Projected File System Filter Driver, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows splwow64, Windows TPM Device Driver, Windows Update Stack, and Windows WalletService. Description of Critical and Important Vulnerabilities Some critical and important vulnerabilities are described as follows: @NSFOCUS 2021 http://www.nsfocus.com Microsoft Defender Remote Code Execution Vulnerability (CVE-2021-1647) This vulnerability was in the 0-day state and was found exploited in the wild. Its impact traces back to certain versions of Windows 2008. Remote attackers could exploit this vulnerability to execute arbitrary code on the computer. Microsoft indicated that users can protect against this vulnerability without additional update measures. The update for this vulnerability is part of updates released by Microsoft regularly for its anti-malware products. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647 Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2021-1707) Microsoft SharePoint contains several important vulnerabilities.
    [Show full text]
  • Microsoft Patches Were Evaluated up to and Including CVE-2019-1303
    Honeywell Security Group 2700 Blankenbaker Pkwy, Suite 150 Louisville, KY 40299 Phone: 1-502-297-5700 Phone: 1-800-323-4576 Fax: 1-502-666-7021 https://www.security.honeywell.com The purpose of this document is to identify the patches that have been delivered by Microsoft® which have been tested against Pro-Watch. All the below listed patches have been tested against the current shipping version of Pro-Watch with no adverse effects being observed. Microsoft Patches were evaluated up to and including CVE-2019-1303. Patches not listed below are not applicable to a Pro-Watch system. 2019 – Microsoft® Patches Tested with Pro-Watch .NET Quality Rollup for .NET Framework CVE-2019-1371 Internet Explorer Memory Corruption Vulnerability CVE-2019-1368 Windows Secure Boot Security Feature Bypass Vulnerability CVE-2019-1367 Scripting Engine Memory Corruption Vulnerability CVE-2019-1366 Chakra Scripting Engine Memory Corruption Vulnerability CVE-2019-1365 Microsoft IIS Server Elevation of Privilege Vulnerability CVE-2019-1359 Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1358 Jet Database Engine Remote Code Execution Vulnerability CVE-2019-1357 Browser Spoofing Vulnerability Microsoft Edge based on Edge HTML Information Disclosure CVE-2019-1356 Vulnerability CVE-2019-1347 Windows Denial of Service Vulnerability CVE-2019-1346 Windows Denial of Service Vulnerability CVE-2019-1345 Windows Kernel Information Disclosure Vulnerability CVE-2019-1344 Windows Code Integrity Module Information Disclosure Vulnerability CVE-2019-1343 Windows
    [Show full text]
  • The Active Template Library (ATL) - Introduction
    The Active Template Library (ATL) - Introduction Program examples compiled using Visual C++ 6.0 compiler on Windows XP Pro machine with Service Pack 2. Topics and sub topics for this tutorial are listed below. Don’t forget to read Tenouk’s small disclaimer. The supplementary notes for this tutorial are marshalling and intro to activeX control. Index: Intro Revisiting the COM The Core Interface: IUnknown Writing COM Code COM Classes Using Multiple Inheritance The COM Infrastructure A New Framework ActiveX, OLE, and COM ActiveX, MFC, and COM The ATL Roadmap Client-Side ATL Programming C++ Templates Smart Pointers Giving C++ Pointers Some Brains Using Smart Pointers Smart Pointers and COM ATL's Smart Pointers CComPtr Using CComPtr CComQIPtr Using CComQIPtr ATL Smart Pointer Problems Server-Side ATL Programming ATL and COM Classes The Spaceshipsvr From Scratch The Story ATL COM AppWizard Options Creating a COM Class Apartments and Threading Connection Points and ISupportErrorInfo The Free-Threaded Marshaler Implementing the Spaceship Class Using ATL Basic ATL Architecture Managing VTBL Bloat ATL's IUnknown: CComObjectRootEx ATL and QueryInterface() Making the Spaceship Go Adding Methods to an Interface Dual Interfaces ATL and IDispatch The IMotion and IVisual Interfaces Multiple Dual Interfaces Conclusion CComPtr class info CComQIPtr class info Intro In this module, you'll take a look at the second framework (MFC being the first) now included within Microsoft Visual C++, the Active Template Library (ATL). You'll start by quickly revisiting the Component Object Model (COM) and looking at an alternative method of writing Module 23's CSpaceship object, illustrating that there is more than one way to write a COM class.
    [Show full text]
  • Copyrighted Material
    INDEX A CreateFile, 398, 409 DeviceIOControl, 397, 398, 409, 462, accept function, 548 511, 516, 517, 518, 519, 520 accessing registry. See also web server ReadFile, 398, 409 application WriteFile, 398, 409 during development process, 136 message queue, 378–379 web server application, 550–561 CloseMsgQueue(), 378, 384, 538 ActivateDevice, 398 CreateMsgQueue(), 378, 382, 538, ActivateDeviceEx, 398, 405, 462 539, 543 Active Template Library. See ATL ReadMsgQueue(), 378, 379, 506, 538, ADC (Analog to Digital Converter), 340, 369, 539, 541 604, 615, 628 WriteMsgQueue(), 378, 505, 539, Adobe Flash Player 10.1, 39 542 advanced application development, 485–574. power management, 414–415 See also managed code; real-time Stream Driver, 449–466 applications; USB camera application; web stream IO, 409 server application CloseHandle, 397, 398, 409 Advanced Build Commands, 82, 143, 144, 145, CreateFile, 398, 409 153, 225, 228 DeviceIOControl, 397, 398, 409, 462, Advanced Programmable Interrupt Controller 511, 516, 517, 518, 519, 520 (APIC), 348 ReadFile, 398, 409 AdvertiseInterface, 407, 413 WriteFile, 398, 409 aggressive fl ushing, 129, 133 Watchdog Timers, 375–376 Analog to Digital Converter (ADC), 340, 369, Win32, 13, 175, 184, 494, 512, 514, 567 604, 615, 628 application deployment. See also deployment animation COPYRIGHTED MATERIALCAB installation package, 398–399 Adobe Flash Player 10.1, 39 local storage, 299, 300–301 SWE, 512 managed code smart device application, SWE_Hello application project, 287–288 213–215 APIC (Advanced Programmable Interrupt options, 297–301 Controller), 348 part of OS run-time image, 300–301 APIs (application programming interfaces) RFID Reader application, 595–598 application streaming, 409 Win32 smart device application project, CloseHandle, 397, 398, 409 200–201 659 bbindex.inddindex.indd 665959 88/2/11/2/11 55:21:01:21:01 PPMM application development – \BINCOMPRESS application development, 173–180.
    [Show full text]