Geekswithblogs.net

Dan K Blog

Grocery Geek


News

Official NaNoWriMo 2007 Participant


  • Gmail






    • My Stats

    • Posts - 148
    • Comments - 178
    • Trackbacks - 152

    Tag Cloud


    Recent Comments


    Recent Posts


    Article Categories


    Archives


    Post Categories


    Image Galleries


    Blogs I Read


    << Code Camp II Blogger Dinner | Home | Nonsense, shenanigans, hijinks and tomfoolery >>

    Time to update! GDI + security flaw OH NO!!!



    There's a big brouhaha over this whole JPEG / GDI+ security flaw.  Here is the technet article.  I suggest you take a quick look at the article, it looks like it's a little more serious than it sounds.  Here is a link to the CNET article (via Patrick Hynds).  A quick excerpt from the article lists the affected Microsoft applications:

    Affected Software:

    Microsoft Windows XP and Microsoft Windows XP Service Pack 1 – Download the update

    Microsoft Windows XP 64-Bit Edition Service Pack 1 – Download the update

    Microsoft Windows XP 64-Bit Edition Version 2003 – Download the update

    Microsoft Windows Server™ 2003 – Download the update

    Microsoft Windows Server 2003 64-Bit Edition – Download the update

    Microsoft Office XP Service Pack 3 – Download the update

    Microsoft Office XP Service Pack 2 – Download the administrative update

    Microsoft Office XP Software:

    Outlook® 2002

    Word 2002

    Excel 2002

    PowerPoint® 2002

    FrontPage® 2002

    Publisher 2002

    Microsoft Office 2003 – Download the update

    Microsoft Office 2003 Software:

    Outlook® 2003

    Word 2003

    Excel 2003

    PowerPoint® 2003

    FrontPage® 2003

    Publisher 2003

    InfoPath™ 2003

    OneNote™ 2003

    Microsoft Project 2002 Service Pack 1 (all versions) – Download the update

    Microsoft Project 2003 (all versions) – Download the update

    Microsoft Visio 2002 Service Pack 2 (all versions) – Download the update

    Microsoft Visio 2003 (all versions) – Download the update

    Microsoft Visual Studio .NET 2002 – Download the update

    Microsoft Visual Studio .NET 2002 Software:

    Visual Basic .NET Standard 2002

    Visual C# .NET Standard 2002

    Visual C++ .NET Standard 2002

    Microsoft Visual Studio .NET 2003 – Download the update

    Microsoft Visual Studio .NET 2003 Software:

    Visual Basic .NET Standard 2003

    Visual C# .NET Standard 2003

    Visual C++ .NET Standard 2003

    Visual J# .NET Standard 2003

    The Microsoft .NET Framework version 1.0 SDK Service Pack 2 – Download the update

    Microsoft Picture It!® 2002 (all versions) – Download the update

    Microsoft Greetings 2002 – Download the update

    Microsoft Picture It! version 7.0 (all versions) – Download the update

    Microsoft Digital Image Pro version 7.0 – Download the update

    Microsoft Picture It! version 9 (all versions, including Picture It! Library) – Download the update

    Microsoft Digital Image Pro version 9 – Download the update

    Microsoft Digital Image Suite version 9 – Download the update

    Microsoft Producer for Microsoft Office PowerPoint (all versions) – Download the update

    Microsoft Platform SDK Redistributable: GDI+ - Download the update

    Office Users Note Office XP Service Pack 2 and Office XP Service Pack 3 are both vulnerable to this issue. However the security update for Office XP Service Pack 2 is only provided as part of the Office XP administrative security update. For more information, see the Security Update Information section. Office 2003 Service Pack 1, Visio 2003 Service Pack 1, and Project 2003 Service Pack 1 contain an updated version of the affected component and are not affected. Customers that have installed these service packs do not need to install the available security updates for these products.

    MSN 9 Users Note MSN 9 distributes Picture It! Express version 9 and Picture It! Library. You have the option to install these programs when you install MSN 9. You should install the Picture It! version 9 update only if you installed Picture It! Express version 9 or Picture It! Library when you installed MSN 9.

    Affected Components:

    Internet Explorer 6 Service Pack 1 - Download the update

    The Microsoft .NET Framework version 1.0 Service Pack 2 – Download the update

    The Microsoft .NET Framework version 1.1 – Download the update

    Non-Affected Software

    Microsoft Windows NT Server 4.0 Service Pack 6a

    Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

    Microsoft Windows 2000 Service Pack 3, Microsoft Windows 2000 Service Pack 4

    Microsoft Windows XP Service Pack 2

    Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and Microsoft Windows Millennium Edition (Me)

    Microsoft Office 2003 Service Pack 1

    Microsoft Office 2000

    Microsoft Visio 2003 Service Pack 1

    Microsoft Visio 2000

    Microsoft Project 2003 Service Pack 1

    Microsoft Project 2000

    Microsoft Digital Image Suite 10, Microsoft Digital Image Pro 10, Picture It! Premium 10

    The Microsoft .NET Framework version 1.1 SDK

    Microsoft Works (all versions)

    Non-Affected Components:

    Internet Explorer 5.01 Service Pack 3 on Windows 2000 Service Pack 3

    Internet Explorer 5.01 Service Pack 4 on Windows 2000 Service Pack 4

    Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium Edition

    The Microsoft .NET Framework version 1.0 Service Pack 3

    The Microsoft .NET Framework version 1.1 Service Pack 1

    The Microsoft .NET Framework version 1.1 Service Pack 1 for Windows Server 2003

    Note The non-affected versions of Windows do not natively contain the vulnerable component. However, the vulnerable component is installed on these non-affected operating systems when you install any of the software programs or components that are listed in the Affected Software and Affected Components sections of this bulletin. See the FAQ section of this bulletin for more information.

    • Share This Post:
    • Share on Twitter
    • Share on Facebook
    • Share on Technorati

    Posted On Wednesday, September 15, 2004 10:26 PM

    Comments

    Gravatar # re: Time to update! GDI + security flaw OH NO!!!
    Posted by Betty Reed on 9/10/2009 12:19 PM
    I have Msn Picture it! 2001...LOVE IT!
    However...am having difficulty loading to Windows Vista. Ashamed to say, "have never updated it."
    Bought a new upgrade......hated it! Gave it away.
    Do not want to lose my version.
    Can anyone help?
    B
    Post A Comment
    Title:
    Name:
    Email:
    Website:
    Comment:
    Verification: