GDI+

[Nobody Special]

The Microsoft GDI+ Detection Tool (KB873374) didn't find
any vulnerable GDI+ dlls, yet the detection tool I got
from Internet Storm Center (gdiscan.exe) finds 7 out of 8
occurrences on my system ARE vulnerable. What the heck's
with that? Thanks.

 

[Carey Frisch [MVP]]

Description of the Microsoft GDI+ Detection Tool
http://support.microsoft.com/default.aspx?scid=kb;[LN];873374

"The Microsoft GDI+ Detection Tool detects if you have any
one of the Microsoft programs installed on your computer that are
listed in the "Applies To" section. If the tool detects these programs,
you will be redirected to a Web page that contains the latest security
information and security bulletins."

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

-----------------------------------------------------------------------------------

:

| The Microsoft GDI+ Detection Tool (KB873374) didn't find
| any vulnerable GDI+ dlls, yet the detection tool I got
| from Internet Storm Center (gdiscan.exe) finds 7 out of 8
| occurrences on my system ARE vulnerable. What the heck's
| with that? Thanks.

 

[Tom]

And WTF does this have to do with what the OP posted????

Why in the hell do you NOT read what people post instead of seeing the subject line, and think you are actually making a valuable post. Why don't you just get lost, and contribute elsewhere that doesn't require actual reading, but needs read and react situations..

 

[Dave Senior]

Hey Tom,

Calm down. Bleach can affect the functioning of the brain and no wonder blonde women tend to be dumbs!

Carey Frisch is simply reciting Microsoft's mantra that SP2 is the best, it is the wonder drug and no one should live without it. She has herself had a patch of plastic SP2 applied to her face but I don't think this has made any difference otherwise she would be with her man instead of copying and pasting from MS website!!!

Have a nice day!!

And WTF does this have to do with what the OP posted????

Why in the hell do you NOT read what people post instead of seeing the subject line, and think you are actually making a valuable post. Why don't you just get lost, and contribute elsewhere that doesn't require actual reading, but needs read and react situations..

Description of the Microsoft GDI+ Detection Tool
http://support.microsoft.com/default.aspx?scid=kb;[LN];873374

"The Microsoft GDI+ Detection Tool detects if you have any
one of the Microsoft programs installed on your computer that are
listed in the "Applies To" section. If the tool detects these programs,
you will be redirected to a Web page that contains the latest security
information and security bulletins."

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

-----------------------------------------------------------------------------------

:

| The Microsoft GDI+ Detection Tool (KB873374) didn't find
| any vulnerable GDI+ dlls, yet the detection tool I got
| from Internet Storm Center (gdiscan.exe) finds 7 out of 8
| occurrences on my system ARE vulnerable. What the heck's
| with that? Thanks.

--
I use non Microsoft products wherever possible which requires no activation.

I use Netscape 7.2 as my default browser which has everything I need for my work.

I believe in good Financial Management!! I do not believe in enriching rich jerks!

 

[Tom]

Carey isn't a dumb blond, rather a male MS sychophant.

Hey Tom,

Calm down. Bleach can affect the functioning of the brain and no wonder blonde women tend to be dumbs!

Carey Frisch is simply reciting Microsoft's mantra that SP2 is the best, it is the wonder drug and no one should live without it. She has herself had a patch of plastic SP2 applied to her face but I don't think this has made any difference otherwise she would be with her man instead of copying and pasting from MS website!!!

Have a nice day!!

And WTF does this have to do with what the OP posted????

Why in the hell do you NOT read what people post instead of seeing the subject line, and think you are actually making a valuable post. Why don't you just get lost, and contribute elsewhere that doesn't require actual reading, but needs read and react situations..

Description of the Microsoft GDI+ Detection Tool
http://support.microsoft.com/default.aspx?scid=kb;[LN];873374

"The Microsoft GDI+ Detection Tool detects if you have any
one of the Microsoft programs installed on your computer that are
listed in the "Applies To" section. If the tool detects these programs,
you will be redirected to a Web page that contains the latest security
information and security bulletins."

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

-----------------------------------------------------------------------------------

:

| The Microsoft GDI+ Detection Tool (KB873374) didn't find
| any vulnerable GDI+ dlls, yet the detection tool I got
| from Internet Storm Center (gdiscan.exe) finds 7 out of 8
| occurrences on my system ARE vulnerable. What the heck's
| with that? Thanks.

--
I use non Microsoft products wherever possible which requires no activation.

I use Netscape 7.2 as my default browser which has everything I need for my work.

I believe in good Financial Management!! I do not believe in enriching rich jerks!

 

[Nobody Special]

Dear Mr Frisch,
It sounds like what you're telling me is that Microsoft's
detection tool is restricted to detecting the
vulnerability only in the Microsoft products I have
installed on my computer (if, and only if, they are listed
in the "applies to" list) and couldn't care less about any
other applications I have installed on my computer that
were either a) not produced by Microsoft, or b) produced
by Microsoft, but insufficiently important to be included
in the "applies to" list. That's understandable, because
if they were to detect all occurances of the vulnerable
GDI+ dlls in people's systems, they may be troubled by
people wanting to know who to call to get replacement dlls
for all those non-Microsoft applications. Now the
statement on Internet Storm Center regarding contacting
manufacturers of affected applications makes sense. I
should have realized that before ever posting my inquiry
here. % Thanks for your help.

-----Original Message-----
Description of the Microsoft GDI+ Detection Tool
http://support.microsoft.com/default.aspx?scid=kb; [LN];873374

"The Microsoft GDI+ Detection Tool detects if you have any
one of the Microsoft programs installed on your computer that are
listed in the "Applies To" section. If the tool detects these programs,
you will be redirected to a Web page that contains the latest security
information and security bulletins."

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.a spx

----------------------------------------------------------

-------------------------

:

| The Microsoft GDI+ Detection Tool (KB873374) didn't find
| any vulnerable GDI+ dlls, yet the detection tool I got
| from Internet Storm Center (gdiscan.exe) finds 7 out of 8
| occurrences on my system ARE vulnerable. What the heck's
| with that? Thanks.

.

 

[VManes]

Nobody,

Are you running XP on the system you're complaining about? If so, then
complain to the software vendors that put extra copies of the gdi+ dll on
your system, and aren't updating it. They should not have put it there in
the first place

From the MS gdi+ redistribution license:
===========
Gdiplus.dll
===========

For Windows XP use the system-supplied gdiplus.dll. Do not install a new
gdiplus.dll over the system-supplied version (it will fail due to Windows
File Protection).

For Windows 2000, Windows Millennium Edition, Windows NT 4.0 and Windows 98,
install gdiplus.dll into the private directory of the application not into
the system directory.

In addition to the rights granted in Section 1 of the Agreement
("Agreement"), with respect to gdiplus.dll for Windows 2000, Windows
Millennium Edition, Windows NT 4.0 and Windows 98, you have the following
non-exclusive, royalty free rights subject to the Distribution Requirements
detailed in Section 1 of the Agreement:

(1) You may distribute gdiplus.dll solely for use with Windows 2000, Windows
Millennium Edition, Windows NT 4.0 and Windows 98.

~~~~~~~~~~~~~~~~~~~~~~~~~~

If you're concerned about the vulnerable copies in Norton or other program
folders, try deleting it and see if there's any ill effect.

As to MS not identifiying and updating the MSO.dll and WinSXS.dll - is that
the name of the utility?

V.M

***************************
Practice safe eating -- always use condiments.
***************************

Dear Mr Frisch,
It sounds like what you're telling me is that Microsoft's
detection tool is restricted to detecting the
vulnerability only in the Microsoft products I have
installed on my computer (if, and only if, they are listed
in the "applies to" list) and couldn't care less about any
other applications I have installed on my computer that
were either a) not produced by Microsoft, or b) produced
by Microsoft, but insufficiently important to be included
in the "applies to" list. That's understandable, because
if they were to detect all occurances of the vulnerable
GDI+ dlls in people's systems, they may be troubled by
people wanting to know who to call to get replacement dlls
for all those non-Microsoft applications. Now the
statement on Internet Storm Center regarding contacting
manufacturers of affected applications makes sense. I
should have realized that before ever posting my inquiry
here. % Thanks for your help.

-----Original Message-----
Description of the Microsoft GDI+ Detection Tool
http://support.microsoft.com/default.aspx?scid=kb; [LN];873374

"The Microsoft GDI+ Detection Tool detects if you have any
one of the Microsoft programs installed on your computer that are
listed in the "Applies To" section. If the tool detects these programs,
you will be redirected to a Web page that contains the latest security
information and security bulletins."

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.a spx

----------------------------------------------------------

-------------------------

:

| The Microsoft GDI+ Detection Tool (KB873374) didn't find
| any vulnerable GDI+ dlls, yet the detection tool I got
| from Internet Storm Center (gdiscan.exe) finds 7 out of 8
| occurrences on my system ARE vulnerable. What the heck's
| with that? Thanks.

.