<<< Date Index >>>     <<< Thread Index >>>

Re: Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow



On the Microsoft security briefing webcast yesterday they said that GDIPLUS.DLL is distributed with many applications. Depending on how those applications were built, simply replacing the DLL may break the app. They recommend applying Microsoft patches, and contacting the vendors of any apps associated with GDIPLUS.
The GDI+ detection tool ONLY DETECTS CURRENTLY SUPPORTED MICROSOFT PRODUCTS.

They confirmed on the call that older versions ARE VULNERABLE but that only CURRENT versions will be patched. Recommendation, of course, update to current on every version.

There was special guidance for application developers dealing with whether the app was built in Visual Studio as a "Managed Application" or not. Rather than guess about that, I strongly recommend replaying the webcast. There's a PDF of the slides available, and the Q&A had many revealing deteails.

From www.microsoft.com/technet/security/
go to the Register for September Webcast link
even though the meeting is over, Register
it will take you to a "View Recording" page which will let you stream the Live Meeting Replay in Windows Media Format.
_-_
gar