The Industry Consortium for Advancement of Security on the Internet (ICASI) is releasing this alert to provide guidance on issues that have been raised regarding vulnerabilities in Microsoft’s Active Template Library (ATL). These vulnerabilities could result in information disclosure or remote code execution attacks for controls and components built using vulnerable versions of the ATL.