GDI+ detection tool

Discussion in 'Windows Update' started by cmcarthy13, Sep 16, 2004.

  1. cmcarthy13

    cmcarthy13 Guest

    Hello,
    We configured the SUS server yesterday to handout the GDI+
    update.
    This morning when the Update was installed on my
    computer.. it asked for a reboot. Normal enough..

    But when it came back up. it told me GDI+ had found
    vulnerabilities and to visit a link.
    http://go.microsoft.com/fwlink/?linkID=33568

    Is there any way of stopping it doing this?
    Caroline
     
    cmcarthy13, Sep 16, 2004
    #1
    1. Advertisements

  2. Hi

    Unapprove the GDI+ Detection Tool at your SUS server. Also, you
    will not be able to stop this from halppening on the clients that
    already have downloaded this "update".

    See also quote below from the "Frequently asked questions (FAQ)
    related to this security update" under the General section here:


    Microsoft Security Bulletin MS04-028
    Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
    http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx

    <quote>
    I use Software Update Services (SUS) to deploy security updates
    in my enterprise. Should I deploy the GDI+ Detection Tool to all
    of my systems?

    While it is possible to deploy the GDI+ Detection Tool via SUS
    to all of the systems in an enterprise, it is not recommended
    or supported. The GDI+ Detection Tool will direct end users back
    to the Microsoft Windows Update site to scan their machines for
    updates.
    </quote>


    Fyi, there is a separate newsgroup for SUS:

    microsoft.public.softwareupdatesvcs

    news://msnews.microsoft.com/microsoft.public.softwareupdatesvcs

    URL to the group softwareupdatesvcs for those who uses the Web
    interface to access the newsgroups:
    http://www.microsoft.com/windowsser...t.mspx?dg=microsoft.public.softwareupdatesvcs

    A Web site about SUS with a FAQ and a SUS forum:
    http://www.susserver.com/

    More SUS Web sites:
    http://www.cites.uiuc.edu/sus/faq.html
    http://www.faqshop.com/sus/default.htm
     
    Torgeir Bakken \(MVP\), Sep 16, 2004
    #2
    1. Advertisements

  3. cmcarthy13

    Max Burke Guest

    Torgeir Bakken (MVP) scribbled:

    I have installed the GDI update using WU when it indicated I needed it; I
    have also installed the office update version (for MS Work 2002) through the
    Office update webpage.

    I have also downloaded the this detection tool and every time I run it , it
    says my system may still be vulnerable. I have checked the web that lists
    all the vulnerable applications, etc, and do NOT have any of thes
    applications installed.

    WU says I'm fully up to date; Office update says I'm fully up to date; Why
    is this detection tool saying I may still be vulnerable?
     
    Max Burke, Sep 16, 2004
    #3
  4. Hi

    The tool is not reliable. I have also an fully updated computer (nothing
    else than the OS and the .NET Framework installed, and the tool still
    says the computer may be vulnerable.

    As you have noted, the tool uses the word "may", so if you installed
    all relevant updates from
    http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx
    I would not think more about it.
     
    Torgeir Bakken \(MVP\), Sep 17, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.