ms04-028 confirmation of vulnerabilities
From: blobby (anonymous_at_discussions.microsoft.com)
Date: 09/30/04
- Next message: Steve: "Re: Help Microsoft define the next Windows Certificate Server"
- Previous message: dschenk52: "RE: New MSSecure.XML Version 2004.09.14.0 Now Available"
- Next in thread: Lanwench [MVP - Exchange]: "Re: ms04-028 confirmation of vulnerabilities"
- Reply: Lanwench [MVP - Exchange]: "Re: ms04-028 confirmation of vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 30 Sep 2004 05:20:34 -0700
when looking at the listed affected software on the
security bulletin, my interpretation of Office Xp
vulnerability is that only when SP3 is applied is it
vulnerable (hence if you dont have Sp3 applied you are
not actually vulnerable to the GDI+ issue). The
GFILanguard NSS we are trailling seesm to concurr with
this view - hence it does not report ms04-028 as a
vulnerability to machines running officeXP pre SP3.
Can anyone confirm this to be the case ? (i.e the
application of the lastest SP3 - whcih fixes other
issues...introduces the vulnerability to GDI+.
Cheers
- Next message: Steve: "Re: Help Microsoft define the next Windows Certificate Server"
- Previous message: dschenk52: "RE: New MSSecure.XML Version 2004.09.14.0 Now Available"
- Next in thread: Lanwench [MVP - Exchange]: "Re: ms04-028 confirmation of vulnerabilities"
- Reply: Lanwench [MVP - Exchange]: "Re: ms04-028 confirmation of vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
