Today I downloaded the a gdi+ vulnerability (MS04-028) detection tool published by The SANS. In contraddiction as the report provided by MS gdidettool.exe it found two version of vulnerable dlls. Be warned don't trust only MS's detection tool! Do all steps to patch your machines. albatross P.S. I think this will be another nightmare for many people.... any news about SUS 2.0/WUS?