Detection and Deployment Logic Update for MS07-052

Hi everyone.  Ben from the MSRC here. I am the case manager that handled the Crystal Reports for Visual Studio Bulletin, MS07-052, and I wanted to let you know that today we updated our detection and deployment logic for that bulletin.

First, I want to note that we’re not making any changes to the update itself given it protects against the vulnerability discussed in the bulletin.  If you’ve applied it successfully already, you have no further action.

What we have done is change our detection logic update for the Visual Studio 2005 Service Pack 1 update only.  This change will address an issue where some customers were being offered KB937061 repeatedly after they had installed the update.  This only occurred if they did not have the Crystal Reports for Visual Studio feature enabled, which is installed and enabled by default for Visual Studio 2005.  Any customers who chose to minimize their installation footprint of VS 2005 and explicitly ‘unchecked’ Crystal Reports during installation would have been impacted by this issue after they applied the Visual Studio 2005 Service Pack 1 update. The change today addresses that and ensures customers will not be reoffered the update after KB937061 is applied.


*This posting is provided “AS IS” with no warranties, and confers no rights.*