-
September 17th, 2004, 07:51 PM
#16
Btw, is it just me or does this only work in IE and not Firefox?
The button is greyed out in FF.
-
September 18th, 2004, 04:21 AM
#17
It uses ActiveX to run code locally on your machine, so it requires IE.
Safe computing is a habit, not a toolkit.
-
September 21st, 2004, 03:29 PM
#18
And the first exploits are well under way, according to this:
http://www.theinquirer.net/?article=18585
WinXP users should seriously consider upgrading to SP2 IMO, and everyone else should get patched. I think this is going to be a big one when it hits.
Nick.
-
September 24th, 2004, 02:53 PM
#19
For those paranoid folk, there's a GDI Scan tool that's been produced for scanning all your applications to check if any are vulnerable.
gdiscan.exe was written for Windows 2000 and higher. It scans the drive containing the Windows %system% directory and looks for vulnerable versions of gdiplus.dll, sxs.dll, wsxs.dll, mso.dll.
The scan starts upon execution. It will signal completion of scan in text box with "Done."
Vulnerable versions of the .dll files are listed in RED.
The path where a vulnerable .dll file is found is important. Remember that dlls are loaded in the following order (note: this is a VAST simplification):
1. The directory from which the application loaded.
2. The (application's) current directory.
3. Windows 95/98: The Windows system directory (default: C:\Windows\system)
   Windows NT+: The 32-bit Windows system directory (default: C:\WinNT\System32)
4. Windows NT+: The 16-bit Windows system directory (default: C:\WinNT\System)
5. The Windows directory (default: C:\WinNT or C:\Windows)
6. The directories that are listed in the PATH environment variable
-
September 26th, 2004, 10:38 PM
#20
If I Ain't Crappie Fishin', I'm Thinkin' About It
listen with your eyes---it's the only way to believe what you hear...
-
September 27th, 2004, 11:25 AM
#21
My suspicion is that MS added the code to allow backdoors into JPEGs to satisfy the DOJ's assault on pedophiles. That is purely a guess.
AsusA7N8X, AthlonXP2200
gForce4600+ti & Audigy Platinum, FPS SOUND. AKA- The ultimate gaming machine (well it WAS three years ago anyway).
-
September 27th, 2004, 04:28 PM
#22
Concerning
http://www.microsoft.com/security/bulletins/200409_jpeg_tool.mspx
maybe this has been said already, but I am finally realizing that the above page is a diagnostic tool to tell you if you need the GDI+ security update. If Step 3 indicates no further action is needed, then so be it. If step 3 says you need the GDI+ security update, you will get instructions where to get it.
Since Windows Update offered this website to me, I assumed it was the GDI+ security fix, itself, which it isn't.
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
-
September 29th, 2004, 05:18 AM
#23
-
September 29th, 2004, 12:37 PM
#24
Vernon Frazee--So what are those who are not offered the GDI+ security update (since they do not run Office components) to do about the vulnerability in IE?
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
-
September 29th, 2004, 02:12 PM
#25
Or MS Works, which does not have a patch either.
Last edited by 104456; September 29th, 2004 at 02:18 PM.
-
September 29th, 2004, 08:59 PM
#26
According to the Internet Storm Center at the SANS Institute, computers with updated versions of anti-virus software should be protected also.
Hackers Target Microsoft's JPEG Flaw
http://www.kansascity.com/mld/kansas...9784184.htm?1c
-
September 30th, 2004, 06:35 AM
#27
Originally posted by DuaneB
According to the Internet Storm Center at the SANS Institute, computers with updated versions of anti-virus software should be protected also.
From this one, until someone else creates another exploit for the same vuln and gets it out widely before the AV vendors catch up.
Antivirus software is a nice safety net, but it really can't be relied on as an alternative to patching.
Safe computing is a habit, not a toolkit.
-
September 30th, 2004, 07:29 AM
#28
-
September 30th, 2004, 12:14 PM
#29
Vernon Frazee--Thanks for the very informative references.
I have run the gdiscan and found five "vulnerable" versions of gdiplus.dll, two of which were in Microsoft files:
C:\I386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
Version: 5.1.3097.0 <-- Vulnerable version
C:\I386\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
The new version from the SDK download is
5.1.3102.1360
Has anybody here actually replaced the "vulnerable" version with the new version? Systems still work? Always nice to learn from someone else's experience.
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
-
September 30th, 2004, 12:19 PM
#30
Just had the GDI scan note vulnerabilities in Works 7 and NSW2004 as below and replaced both with the patched version and all seems to be working.
C:\Program Files\Microsoft Works\gdiplus.dll
Version: 5.1.3079.3 <-- Vulnerable version [Works v 7]
C:\Program Files\Norton SystemWorks\Password Manager\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version [ NSW 2004]
C:\Program Files\Symantec\Web Tools\GDIPlus.dll
Version: 5.1.3097.0 <-- Vulnerable version [NSW 2004]
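Added example (not part of any post in this thread, and not gdiscan's own code): post #19's point that the location of a flagged DLL matters, applied to scan output in the format quoted in posts #29 and #30. The system32 entry, the search-directory lists and the "older than 5.1.3102.1360" rule are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

FIXED = (5, 1, 3102, 1360)  # the "new version" quoted in post #29

# Constructed sample in the format quoted in posts #29 and #30. The first three
# entries come from those posts; the system32 entry is hypothetical.
SCAN_OUTPUT = r"""
C:\I386\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Microsoft Works\gdiplus.dll
Version: 5.1.3079.3 <-- Vulnerable version
C:\Program Files\Symantec\Web Tools\GDIPlus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\system32\gdiplus.dll
Version: 5.1.3102.1360
"""

def parse_scan(text):
    """Return [(path, version_tuple, flagged_by_tool)] from path/Version line pairs."""
    findings, path = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        m = re.match(r"Version:\s*(\d+(?:\.\d+){3})(.*)", line)
        if m and path is not None:
            version = tuple(int(part) for part in m.group(1).split("."))
            findings.append((path, version, "Vulnerable" in m.group(2)))
            path = None
        elif line and not m:
            path = PureWindowsPath(line)
    return findings

def first_loaded(dll_name, search_dirs, findings):
    """Return the scanned copy found in the earliest directory of search_dirs, or None."""
    for directory in map(PureWindowsPath, search_dirs):
        for path, version, flagged in findings:
            if path.parent == directory and path.name.lower() == dll_name.lower():
                return path, version, flagged
    return None

def needs_attention(version, flagged):
    # Assumption: a copy older than FIXED is unpatched even if the tool did not flag it.
    # Tuples compare numerically per field; comparing the strings would not.
    return flagged or version < FIXED

if __name__ == "__main__":
    found = parse_scan(SCAN_OUTPUT)
    # Hypothetical search orders: the application's own directory comes first.
    for app_dir in (r"C:\Program Files\Microsoft Works", r"C:\Program Files\Other App"):
        hit = first_loaded("gdiplus.dll", [app_dir, r"C:\WINDOWS\system32", r"C:\WINDOWS"], found)
        print(app_dir, "->", hit[0], "needs attention:", needs_attention(hit[1], hit[2]))
```

An application-local copy shadows a patched system copy for that application, which is why each flagged path has to be handled on its own.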