GDI+ Detection Tool

Hi,
Sorry but I am a little behind in updates. I flubbed the WindowsUpdate tool
so I downloaded the GDI+ Detection Tool from the Microsoft site. When I
double-click the gdidettool.exe, I get an error message "gdidettool.exe is
not a valid Win32 application." I tried putting this in 3 different folders.
It doesn't work from anywhere....it keeps giving me the same error.

I used a SANS test tool and it shows I have two vulnerable,
C:\I386\ASMA\1000\MFST\Windows\DGIPLUS.DLL and C:\I386\SXS.DLL, and other
"possibles". How do I get this Detection Tool to work?
I have WindowsXP SP1 and IE6 SP1.
Thanks,
Judy

>-----Original Message-----
>Hi,
>Sorry but I am a little behind in updates. I flubbed the
WindowsUpdate tool
>so I downloaded the GDI+ Detection Tool from the
Microsoft site.
download exe again or go to

This page provides instructions for how to update your
computer with the GDI+ security update for September 2004.

http://www.microsoft.com/security/bu...00409_jpeg_too
l.mspx

The link you listed got this message:
"We’re sorry, but there is no Microsoft.com Web page matching your entry.
etc."


"" wrote:

>
> >-----Original Message-----
> >Hi,
> >Sorry but I am a little behind in updates. I flubbed the
> WindowsUpdate tool
> >so I downloaded the GDI+ Detection Tool from the
> Microsoft site.
> download exe again or go to
>
> This page provides instructions for how to update your
> computer with the GDI+ security update for September 2004.
>
> http://www.microsoft.com/security/bu...00409_jpeg_too
> l.mspx
>

In article <E19A7CD0-78DA-4E5D-A4D4->,
=?Utf-8?B?SnVkeQ==?= <> wrote:
>The link you listed got this message:
>"We’re sorry, but there is no Microsoft.com Web page matching your entry.
>etc."
>
>
>"" wrote:
>
>>
>> >-----Original Message-----
>> >Hi,
>> >Sorry but I am a little behind in updates. I flubbed the
>> WindowsUpdate tool
>> >so I downloaded the GDI+ Detection Tool from the
>> Microsoft site.
>> download exe again or go to
>>
>> This page provides instructions for how to update your
>> computer with the GDI+ security update for September 2004.
>>
>> http://www.microsoft.com/security/bu...00409_jpeg_too
>> l.mspx
>>


sans.org has a tool. I don't mind having a tool
to keep Microsoft honest.

http://isc.sans.org/gdiscan.php

Read the page, the tool has a couple rough edges.

I have a queston. I read the MS Document about this
and it said that w2k was safe but some MS Office apps
need the patch.

I have a w2k system that's completely up to date according
to update.microsoft.com. I don't have ANY MS applications
on this puppy. But when I ran the SANS tool it found
a GDI file that needs to be fixed. I have no idea
how.




--
Al Dykes
-----------
adykes at p a n i x . c o m

Hi again,
I downloaded the tool again and it took me to this page.
http://www.microsoft.com/security/bu...jpeg_tool.mspx. This
looks like it may be the link you were giving me. There is nothing there to
tell me which updates I need. I updated 2 critical updates relating to JPEG
(867461 .NET Framework 1.0 SP3 & 833987, WinXP) but the SANS GDI tool is
still showing I have 2 vulnerable dll's, as listed in my original question. I
don't have any of the other software Microsoft lists. Just Windows XP & IE,
which is what those 2 dll's are referring to. But there is no windows update
for IE when it scans my computer. Any suggestions on how to get what I need.
Thanks,
Judy


"" wrote:

>
> >-----Original Message-----
> >Hi,
> >Sorry but I am a little behind in updates. I flubbed the
> WindowsUpdate tool
> >so I downloaded the GDI+ Detection Tool from the
> Microsoft site.
> download exe again or go to
>
> This page provides instructions for how to update your
> computer with the GDI+ security update for September 2004.
>
> http://www.microsoft.com/security/bu...00409_jpeg_too
> l.mspx
>

Hi Al,
Thanks for your reply.

"Al Dykes" wrote:

> In article <E19A7CD0-78DA-4E5D-A4D4->,
> =?Utf-8?B?SnVkeQ==?=
Sorry, but what is this link, it doesn't work.

> sans.org has a tool. I don't mind having a tool
> to keep Microsoft honest.
>
> http://isc.sans.org/gdiscan.php
>
> Read the page, the tool has a couple rough edges.
>
> I have a queston. I read the MS Document about this
> and it said that w2k was safe but some MS Office apps
> need the patch.
>
> I have a w2k system that's completely up to date according
> to update.microsoft.com. I don't have ANY MS applications
> on this puppy. But when I ran the SANS tool it found
> a GDI file that needs to be fixed. I have no idea
> how.

That's what I'm trying to find out too. The MS GDI tool just takes me to a
page that tells me nothing. It just seems to lead around in circles.

I used the SANS tool and I too have 2 GDI dll's vulnerable, as I posted in
my original message. I have no other MS apps either. I patched the two from
WindowsUpdate and the SANS tool is still showing 2 vulnerablities, one for
Windows and one for IE. I have no idea where to go from here except to call
MS at their 1-866-PCSAFETY. According to CNET news, the flaw has been
exploited on AOL Instant Messenger, but SANS has had only 2 reports of it so
far.
Sooooo..............
If you figure it out, please let me know.......and if I do, I'll let you know.
Judy

>-----Original Message-----
>Hi again,
>I downloaded the tool again and it took me to this page.
>http://www.microsoft.com/security/bu...200409_jpeg_to
ol.mspx. This
>looks like it may be the link you were giving me. There
is nothing there to
>tell me which updates I need. I updated 2 critical
updates relating to JPEG
>(867461 .NET Framework 1.0 SP3 & 833987, WinXP) but the
SANS GDI tool is
>still showing I have 2 vulnerable dll's, as listed in my
original question. I
>don't have any of the other software Microsoft lists.
Just Windows XP & IE,
>which is what those 2 dll's are referring to. But there
is no windows update
>for IE when it scans my computer. Any suggestions on how
to get what I need.
>Thanks,
>Judy
>
>
>"" wrote:
>
>>
>> >-----Original Message-----
>> >Hi,
>> >Sorry but I am a little behind in updates. I flubbed
the
>> WindowsUpdate tool
>> >so I downloaded the GDI+ Detection Tool from the
>> Microsoft site.
>> download exe again or go to
>>
>> This page provides instructions for how to update your
>> computer with the GDI+ security update for September
2004.
>>
>>
http://www.microsoft.com/security/bu...00409_jpeg_too
>> l.mspx

Hello again

C:\I386\ASMA\1000\MFST\Windows\DGIPLUS.DLL and C:\I386
\SXS.DLL

Well, the files in directory c:\386 are from the original
win xp installation and usually not used but the sans tool
found them. What you should do is search on your disk and
verify the version of all other sxs.dll and dgdiplus.dll
installed on your computer. The important directory is
c:\windows\system32 for sxs.dll The other file I don't
have . You can check the version # by right clicking the
file and choosing properties.
THe windows updates and office updates are important.
If you find these files in other directories they should
be replaced with the recent versions.

Other m$ web pages that can helpfor other m$ products.

http://support.microsoft.com/default.aspx?scid=kb;en-
us;873374

http://www.microsoft.com/technet/sec...bulletin/ms04-
028.mspx

Hi Again,

"" wrote:
> Hello again
>
> C:\I386\ASMA\1000\MFST\Windows\DGIPLUS.DLL and C:\I386
> \SXS.DLL
> Well, the files in directory c:\386 are from the original
> win xp installation and usually not used but the sans tool
> found them. What you should do is search on your disk and
> verify the version of all other sxs.dll and dgdiplus.dll
> installed on your computer. The important directory is
> c:\windows\system32 for sxs.dll The other file I don't
> have . You can check the version # by right clicking the
> file and choosing properties.
> THe windows updates and office updates are important.
> If you find these files in other directories they should
> be replaced with the recent versions.

Thank you for checking back and replying.
I did scan for other QDIPLUS.DLL but did not check the version or anythnig
because of where they were. None were in my \System32 file. I will search
again and check all of them as you suggest. The tool & tutorial SANS refers
you to is "The URL to his tutorial is
http://www.bleepingcomputer.com/forums/topict3077.html ". Under it was the
forum regarding it and was said there about the xp cd installation, as you
said, and he said not to worry about that. He also said there was no
replacement for sxs.dll yet.

> Other m$ web pages that can helpfor other m$ products.
>
> http://support.microsoft.com/default.aspx?scid=kb;en-
> us;873374
This tool sent me around in circles and says I "may" have. It also sent me
to a page that had system requirements other than mine.
>
> http://www.microsoft.com/technet/sec...bulletin/ms04-
> 028.mspx
I installed this 833987.
I have a Dell and did email them to see what they have to say being that
they installed WindowsXP Home on my computer. Hmmmm.
Thanks again, your explanations really helped. Now I can sleep tonight.
Judy

>-----Original Message-----

>>you to is "The URL to his tutorial is
>http://www.bleepingcomputer.com/forums/topict3077.html ".
Under it was the
>forum regarding it and was said there about the xp cd
installation, as you
>said, and he said not to worry about that. He also said
there was no
>replacement for sxs.dll yet.
>
Dear Judy

I have a DELL also and I LOVE it.
You will find a replacement for sxs.dll in the SP2 update
it's version 5.1.2600.2180

The sp1 version is 5.1.2600.1106, original is 5.1.2600.0

That's why M$ whants you to install SP2.

Have a good day !!

Hi Anonymous,

Oooooh, I seeeeee. Whenever I send an MS Error Report it says SP2 will fix
it. I'm waiting for the SP2 CD to arrive. I have dial up. ick. WU says 8
hrs. for me to download it. Not going to do that. It's suppose to be about
an hour with the CD.
I LOVE my Dell also. But support leaves some to be desired. Yep, that's the
sxs.dll version the SANS tool shows.

It shows 2 GDIPLUS.DLL as versions is 5.1.3097.0 and 5.1.3101.0 also as
possibles in 2 "Windows Side-By-Side DLL" C:\Windows directories. Whatever
that is. I'm not that savvy. Planned on searching my computer for this one
today.

Thank you again so much for your help.
Have a great weekend.
Judy



"" wrote:

>
> >-----Original Message-----
>
> >>you to is "The URL to his tutorial is
> >http://www.bleepingcomputer.com/forums/topict3077.html ".
> Under it was the
> >forum regarding it and was said there about the xp cd
> installation, as you
> >said, and he said not to worry about that. He also said
> there was no
> >replacement for sxs.dll yet.
> >
> Dear Judy
>
> I have a DELL also and I LOVE it.
> You will find a replacement for sxs.dll in the SP2 update
> it's version 5.1.2600.2180
>
> The sp1 version is 5.1.2600.1106, original is 5.1.2600.0
>
> That's why M$ whants you to install SP2.
>
> Have a good day !!
>