GDI Scan - Page 2

chew · #26 September 25th, 2004, 09:04 PM

Devico

Yes, I think his MS Office might be a cracked version. So will the patch work for him?

Even if it's not cracked ... I think he might even lost it anyway.

So advice welcome.

P/s: I will only be able to upgrade to SP2 as I still need to get the CD.

bigc73542 · #27 September 25th, 2004, 09:07 PM

Quote:

Originally Posted by chew

D'oh! just checked the Office Update and was told I needed to update to Office XP SP3. So now I need to dig out my Office XP CD installation/registration key somewhere in my box.

I just called my friend to inform him but in his case his is a bit different. He told me he got it somewhere but I think otherwise. I think his office XP CD is a bit dodgy. So in that case how's he suppose to patch? Do you think it will work for him?

P/s: BigC if you are not running Office ... what are you running? OpenOffice?

In the support info I read it said that the ofice xp patch would fix the vulnerability in xp jpeg rendering. And it seem to have . Didn't hurt. and no. No office at all. it patched the hp digital imaging software I have to stop the jpeg exploit.

Devinco · #28 September 25th, 2004, 09:07 PM

chew,

Well then it serves him right.

I think you need the CD for the full Office Service Packs.
The patches like the one I linked to have a version that doesn't need the CD.
But it is not the full SP.

chew · #29 September 25th, 2004, 09:13 PM

Devico

Yes, I guess I will just let him know later. His choice really.

I will patch mine later on for the Full SP.

nick s · #30 September 25th, 2004, 10:37 PM

Quote:

Originally Posted by bigc73542

I didnt have office but the office xp update fixed it. but it is good that it's available at win. updates, much easier to get to.

Tried running the Office XP update and get this error:

Nick

bigc73542 · #31 September 25th, 2004, 10:47 PM

Quote:

Originally Posted by nick s

Tried running the Office XP update and get this error:

Nick

I did have an installed app that required the office update, the hp digital imaging app I have required it.

nick s · #32 September 25th, 2004, 11:12 PM

Quote:

Originally Posted by bigc73542

I did have an installed app that required the office update, the hp digital imaging app I have required it.

Makes sense. I will assume that, since I have SP2 and no affected third party imaging apps, I should not be vulnerable. Microsoft should provide guidance regarding what to do with the various versions of these dlls that remain on systems after patching.

Nick

bigbuck · #33 September 26th, 2004, 08:18 PM

Yep,

I've got exactly the same vulnerables as shown at the top of this thread.
I am fully patched SP2 and Office Updates....but these still exist.........I'm a bit worried.
By the way......Don't think I've ever had to use my office disks ever for an office update.

C:\I386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
Version: 5.1.3097.0 <-- Vulnerable version
C:\I386\ASMS\10100\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
Version: 5.1.3101.0 <-- Vulnerable version
C:\WINDOWS\$NtServicePackUninstall$\vgx.dll
Version: 6.0.2800.1106 <-- Possibly vulnerable (Win2K SP2 and SP3 w/IE6 SP1 only)
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Version: 5.1.2600.1106 <-- Possibly vulnerable (Backup for uninstall purposes)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\GdiPlus.dll
Version: 5.1.3097.0 <-- Possibly vulnerable (Windows Side-By-Side DLL)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\GdiPlus.dll
Version: 5.1.3101.0 <-- Possibly vulnerable (Windows Side-By-Side DLL)

I'm at a loss.

Buck

nick s · #34 September 27th, 2004, 04:14 PM

GDI Vulnerabilities : An open letter to Microsoft by Tom Liston (developer of GDI Scan).

Nick

ronjor · #35 September 27th, 2004, 04:36 PM

I am curious to see the reply.

Devinco · #36 September 27th, 2004, 04:36 PM

Excellent letter! Will MS read it? Will they understand it? Will they do something about it before it's too late?

I'm glad we are not the only ones talking about this.

nadirah · #37 September 28th, 2004, 03:11 AM

In my honest opinion, this ridiculous GDI+ is just really annoying, wondering what the guys at Redmond are gonna do about this.

Mele20 · #38 September 28th, 2004, 09:15 AM

Quote:

Originally Posted by Untouchable J

I just download the GDI scanner from:

Gdi Scan

and heres my results:

C:\I386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
Version: 5.1.3097.0 <-- Vulnerable version
C:\I386\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\I386\SXS.DLL
Version: 5.1.2600.1106 <-- Vulnerable version
C:\I386\VGX.DLL
Version: 6.0.2800.1106 <-- Possibly vulnerable (Win2K SP2 and SP3 w/IE6 SP1 only)
C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.DLL
Version: 6.0.2800.1106 <-- Possibly vulnerable (Win2K SP2 and SP3 w/IE6 SP1 only)
C:\Program Files\Sonic\RecordNow!\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Version: 5.1.2600.1106 <-- Possibly vulnerable (Backup for uninstall purposes)
C:\WINDOWS\SYSTEM32\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\SYSTEM32\sxs.dll
Version: 5.1.2600.1515
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\GdiPlus.dll
Version: 5.1.3097.0 <-- Possibly vulnerable (Windows Side-By-Side DLL)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\GdiPlus.dll
Version: 5.1.3101.0 <-- Possibly vulnerable (Windows Side-By-Side DLL)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.1360_x-ww_24a2ed47\GdiPlus.dll
Version: 5.1.3102.1360

From what I can read I got all the updates needed from Microsoft, but I still got these detected.

What should I do?

-J

I just ran that scanner and I have the MS Picture It 7 listed. I had tried to patch that earlier. I got caught in a loop and cannot download the patch. Same thing happened when I tried to patch MS Works 2003.

I see that you have the Sonic Record Now dll listed as vulnerable. What do we do about something like that? I can't even ask Sonic because I have the Dell installed software so it's Dell's responsibility.

I'm running XP Pro SP1a and have the OS patch, IE patch and Office patch. My understanding was that is all that is needed but this tool flags things like MS Picture it which I cannot install the patch for. I think the tool is not taking into consideration the fact that in XP the operating system version of the Gdiplus.dll is used unless there is side by side bypass by the vendor which is rare. Thus, since I patched the OS, IE and Office I should be ok.

The dll in question for Sonic is indeed the MS dll so no side by side bypass and the way I read the MS bulletin, with the OS patch, Sonic will use the new, safe Gdiplus.dll for XP Pro Sp1a. I hope I'm right about that.

Rita · #39 September 29th, 2004, 02:35 PM

hi
here is the results of my scan do i need to get office update too?

nick s · #40 September 29th, 2004, 02:51 PM

Quote:

Originally Posted by ritaann

hi
here is the results of my scan do i need to get office update too?

Hi ritaann. I ran across this tutorial on GDI Scan this morning: GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability. It includes the download link to the latest gdiplus.dll.

Nick

Rita · #41 September 29th, 2004, 03:21 PM

thank you nick,going to go read it now
rita

Devinco · #42 September 29th, 2004, 03:31 PM

Thank you Nick!

Rita · #43 September 29th, 2004, 04:28 PM

important question-when i download the office update--when it ask where to put it what should i type in?
rita

Devinco · #44 September 29th, 2004, 04:36 PM

Hi Ritaann,

Just go to OfficeUpdate and it will scan and install updates from there. You will need to use IE.

Rita · #45 September 29th, 2004, 04:44 PM

Quote:

Originally Posted by Devinco

Hi Ritaann,

Just go to OfficeUpdate and it will scan and install updates from there. You will need to use IE.

hi devinco
i did just now and it says have to have ie 6 which i do or to turn off the firewall which i did but it still wont work--wonder why?thanks
rita

Devinco · #46 September 29th, 2004, 04:47 PM

Add http://office.microsoft.com to your trusted sites.
It needs activeX and scripting

Rita · #47 September 29th, 2004, 04:50 PM

Quote:

Originally Posted by Devinco

Add http://office.microsoft.com to your trusted sites.
It needs activeX and scripting

how do i do that

rita

the mul · #48 September 29th, 2004, 05:00 PM

In internet explorer you click - tools - internet options - security and then u will see trusted site, u click on that and then add this web address to the list then click ok. http://office.microsoft.com

THE MUL

Devinco · #49 September 29th, 2004, 05:00 PM

I know Ronjor would have an excellent link for the procedure, but basically you double click the little globe next to the word Internet in the lower right corner of IE. This brings up the Internet Security Properties window Click on the icon for Trusted sites. Then click the Sites... button.
Type in http://office.microsoft.com in the text field.
Uncheck the require server verification check box.
Click Add, OK, OK

The Mul, you beat me by 10 seconds!

Rita · #50 September 29th, 2004, 06:14 PM

hi Mul and devinco
I done it and it still wont do it??thanks anyway for helping me,appreciate it--will keep trying
rita

hey ,this time it worked for some reason but checked and said i didnt need any updates--so how do i fix the things that was on the GDIS scan?--thanks

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search