Re: MS04-028 & vendor copies of gdiplus.dll

From: BeamGuy (no_at_spam.com)
Date: 09/28/04


Date: Tue, 28 Sep 2004 09:00:15 -0400

Thanks,

It looks like the scanner on Windows Update missed this one...

Scanning Drive C:...

C:\Documents and Settings\ahalling\Desktop\GDI+\gdiplus.dll

Version: 5.1.3102.1360

C:\Documents and Settings\ahalling\Local Settings\Temp\gdiplus.dll

Version: 5.1.3102.1360

C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.DLL

Version: 6.0.2800.1411

C:\Program Files\Common Files\Microsoft Shared\Web Components\VWC\gdiplus.dll

Version: 5.1.3097.0 <-- Vulnerable version

C:\WINNT\system32\dllcache\vgx.dll

Version: 6.0.2800.1411

Scan Complete.

"Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message news:OTvqtDVpEHA.2764@TK2MSFTNGP11.phx.gbl...
> BeamGuy wrote:
>
> > Thanks...
> >
> > My four copies are all vulnerable... Where might I find a good version?
> Hi
>
> As long as you are finished installing *all* relevant updates from
> the MS04-028 bulletin (see link below), if you still find 5.1.x.x
> gdiplus.dll files on the hard disk with a lesser version number than
> 5.1.3102.1355 (outside any %windir%\WinSxS\... folder that is),
> you should replace them with the gdiplus.dll v5.1.3102.1360 file
> that is available here:
>
> Platform SDK Redistributable: GDI+
> http://www.microsoft.com/downloads/details.aspx?FamilyId=6A63AB9C-DF12-4D41-933C-BE590FEAA05A&displaylang=en
> (this download link is also found in the MS04-028 bulletin)
>
> I suggest you create a backup somewhere of all the old 5.1.x.x
> versions before replacing them, just in case the application using
> the dll doesn't like the replacement (unlikely though).
>
>
> Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution
> http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/scriptcenter/default.mspx
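
An added example, not part of the original thread: a Python triage of a scan report in the layout posted above, applying the rule from the quoted reply (gdiplus.dll, 5.1.x.x, lower than 5.1.3102.1355, outside WinSxS). The function names are hypothetical and the last report entry (the WinSxS path) is constructed to exercise the exclusion; the other entries are the ones from the post.

```python
import re

FIXED = (5, 1, 3102, 1355)  # threshold version quoted in the reply above

# First five entries are from the posted scan; the WinSxS entry is constructed.
SAMPLE_REPORT = r"""
Scanning Drive C:...
C:\Documents and Settings\ahalling\Desktop\GDI+\gdiplus.dll
Version: 5.1.3102.1360
C:\Documents and Settings\ahalling\Local Settings\Temp\gdiplus.dll
Version: 5.1.3102.1360
C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.DLL
Version: 6.0.2800.1411
C:\Program Files\Common Files\Microsoft Shared\Web Components\VWC\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINNT\system32\dllcache\vgx.dll
Version: 6.0.2800.1411
C:\WINNT\WinSxS\constructed-example\gdiplus.dll
Version: 5.1.3097.0
Scan Complete.
"""

def parse_report(text):
    """Yield (path, version_tuple) for each path/Version pair in the report."""
    path = None
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"Version:\s*(\d+(?:\.\d+){3})", line)
        if m and path:
            yield path, tuple(int(p) for p in m.group(1).split("."))
            path = None
        elif re.match(r"[A-Za-z]:\\", line):
            path = line

def needs_replacement(path, version):
    """The reply's rule: gdiplus.dll, 5.1.x.x, below FIXED, not under WinSxS."""
    parts = [p.lower() for p in path.split("\\")]
    if parts[-1] != "gdiplus.dll" or "winsxs" in parts:
        return False
    # Tuple comparison orders versions numerically, field by field.
    return version[:2] == (5, 1) and version < FIXED

def triage(text):
    """Return [(path, version_string)] for copies the rule says to replace."""
    return [(p, ".".join(map(str, v)))
            for p, v in parse_report(text) if needs_replacement(p, v)]

if __name__ == "__main__":
    for path, ver in triage(SAMPLE_REPORT):
        print(f"replace (after backup): {path}  [{ver}]")
```

Comparing the four version fields as integers avoids the string-comparison trap where "5.1.3097.0" and "5.1.31000.0" would sort in the wrong order.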


