INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: OT - GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability  (Read 961 times)

hit_ny

  • Citizen of the Universe
  • *****
  • Posts: 3310
  • nothing more to say...
OT - GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability
« on: September 28, 2004, 05:29:38 am »

Good tutorial to check for this

http://www.bleepingcomputer.com/forums/topict3077.html

MC(v10 anyway)  to my knowledge is not affected by this. Provided of course IE is updated for the latest patch. Even if you dont use IE, programs like outlook use it.
Logged

Dragyn

  • Citizen of the Universe
  • *****
  • Posts: 3269
Re:OT - GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability
« Reply #1 on: September 28, 2004, 05:49:18 am »

I've read that SP2 is not affected.
Logged

escaflo

  • Galactic Citizen
  • ****
  • Posts: 409
  • And the answer is.... 42!
Re:OT - GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability
« Reply #2 on: September 28, 2004, 06:10:01 am »

With SP2, it will also be affected. Because some programs that you installed might be using an older version of gdiplus.dll instead of the new patched version that is updated with SP2. Also, Office 2003 is also affected unless you download Office 2003 Service pack which will update Office 2003 gdiplus.dll with the newer version.

This is quite a serious bug in gdiplus.dll as it uses only JPG to transmit viruses or applications and all this can be done without any user intervention. Already an exploit is out as can be seen here:

http://it.slashdot.org/it/04/09/27/2319222.shtml?tid=172&tid=218
 
It is better to be safe than sorry and scan your system for affected gdiplus.dll

If you are using SP2, most probably you will find the scanner pick up a gdiplus.dll in your ntuninstall folder which is basically backup from your previous windows installation. That should be nothing to worry about.
Logged
Don't Panic!
Pages: [1]   Go Up