.. should read this MS Security Advisory
Microsoft shipped publicly, and used internally private ATL libraries which contain security vulnerabilities. Key takeaway is that you may need to recompile programs utilising ATL code with the patched libraries for them to be secure.
Affects Microsoft Visual Studio .NET 2003, Microsoft Visual Studio 2005, Microsoft Visual Studio 2008, Microsoft Visual C++ 2005 Redistributable Package, and Microsoft Visual C++ 2008 Redistributable Package.
Further Visual Studio details here
, and the implications for Internet Explorer (which utilised the vulnerable ATL libraries) as one example affected program here