Remove dependency on an EOL-ed component – MSXML4

[DonaldGuo]

Products using DataDirect ODBC XML driver might be categorized as unsafe by security inspectors or IT department since it depends on a EOL-ed component, for which Microsoft are very very unlikely to provide any further security patches to solve new vulnerability found. === Some details === Data Direct ODBC XML driver depends on "msxml4.dll". See http://media.datadirect.com/download/docs/odbc/allodbc/help.html?_ga=1.180938727.174995294.1392110067#page/userguide/rfi1363234410817.html You must also have the Microsoft XML parser, msxml4.dll, not a higher version, installed." According to https://msdn.microsoft.com/en-us/library/jj152146(v=vs.85).aspx , MSXML4 EOLed on April 2014, Microsoft suggests using MSXML6 which is already shipped with most (if not all) supported Windows version. For MSXML 4.0 - " Support ended April 2014; superseded by MSXML 6.0. Customers must upgrade their applications that use MSXML 4.0 to use MSXML 6.0 instead to remain secure ." For MSXML 6.0 - " Shipped as an in-box component on Microsoft Windows XP SP3, Microsoft Windows Vista, and later operating systems ."

Continue reading...