Re: MS Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)



"~greg" <g_m@xxxxxxxxxxxxxxxxxx> schrieb:
> "Rock" wrote >
>> Why do you need to re-register shimgvw.dll _before_ applying the patch, and the related question, what if you don't?

You don't. I even recommend to re-register *after* applying the
update. Otherwise your system may be at risk during the pending
patch.

> my guess is the patch needs to find shimgvw.dll to fix it.

Nope, the patch contains gdi32.dll, the culprit of the security
hole which could have been exploited viewing an image *i.e.* via
Windows Picture- and Fax Viewer or Symbol View in Windows Explorer.
Please feel free to review the details in the Security Bulletin:
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

Bye,
Freudi
.