Re: MS Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)

"Ottmar Freudenberger" <freudi@xxxxxxx> wrote in message news:43be41f3$0$20781$9b4e6d93@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> "~greg" <g_m@xxxxxxxxxxxxxxxxxx> wrote:
>> "Rock" wrote:
>>> Why do you need to re-register shimgvw.dll _before_ applying the patch, and the related question, what if you don't?
> You don't. I even recommend re-registering *after* applying the
> update. Otherwise your system may be at risk during the pending
> patch.
>> my guess is the patch needs to find shimgvw.dll to fix it.
> Nope, the patch contains gdi32.dll, the culprit of the security
> hole which could have been exploited viewing an image *i.e.* via
> Windows Picture and Fax Viewer or Symbol View in Windows Explorer.
> Please feel free to review the details in the Security Bulletin:
> Bye,
> Freudi

You're right - unless the patch *also* does something to shimgvw.dll.
But as I understand it now there would be no need for that.

Also apparently the patch *is* a new gdi32.dll.
They're the same size anyway.

I think it is remarkable that the major Windows library is only 274k!
(and gdi.dll is 24k!!)
Its functions must be calling out to do the rendering.


