MS Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Ex

[PA Bear]

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing 912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot before
installing 912919.

 

[Guest]

Since installing the update I'm having trouble accessing many web sites. Any
ideas?

 

[Alias]

Since installing the update I'm having trouble accessing many web sites. Any
ideas?

Can you give us an example of a web site you cannot access?

 

[Guest]

Can you give us an example of a web site you cannot access?

My email spam filter site (spamsoap.com) for one. A MegaUpLoad site, for
two. And intermittently, Google and search results on Google. There were
quite a few others.

 

[Alias]

My email spam filter site (spamsoap.com) for one. A MegaUpLoad site, for
two. And intermittently, Google and search results on Google. There were
quite a few others.

I can't get spamsoap.com to load (maybe it's just down) but have no
problem with Google. What other sites?

 

[Guest]

I am not computer smart. I believe my daughter got this virus on her
computer. How, in English, can we get rid of it.
Thanks.

 

[David H. Lipman]

From: "PollyBeJoyous" <[email protected]>

| I am not computer smart. I believe my daughter got this virus on her
| computer. How, in English, can we get rid of it.
| Thanks.
|

He posted information on a patch, not a virus !



If you are using any version of Sun Java that is prior to JRE Version 5.0,
then you are strongly urged to remove any/all versions that are prior to JRE
Version 5.0. There are vulnerabilities in them and they are actively being exploited.
It is possible that is how you got infected with malware.

Therefore, it is highly suggested that if there are any prior versions of Sun Java
to Version 5 on the PC that they be removed and Sun Java JRE Version 5.0 Update 6
be installed ASAP.

http://www.java.com/en/download/manual.jsp


For non-viral malware...

Please download, install and update the following software...

* Ad-aware SE v1.06
http://www.lavasoft.de/
http://www.lavasoftusa.com/

* SpyBot Search and Destroy v1.4
http://security.kolla.de/

After the software is updated, I suggest scanning the system in Safe Mode.

I also suggest downloading, installing and updating BHODemon for any Browser Helper Objects
that may be on the PC.

* BHODemon

http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d

For viral malware...

* Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm


* * * Please report back your results * * *

 

[Guest]

After applying this patch and rebooting, my machine locks up on the WindowsXP
black welcome screen.

 

[Jim Pickering]

Did you disable any antivirus program from running while installing the
patch? If so, uninstall the patch, shut down any antivirus program and try
reinstalling it. Or just boot into Safe Mode with networking and install it
since your AV program will not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


"Ward Durossette ([email protected])"

After applying this patch and rebooting, my machine locks up on the
WindowsXP
black welcome screen.

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP
newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing
912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot
before
installing 912919.

 

[Jim Pickering]

Also forgot to mention.

Could you please check the KB912919.log in %windir% and/or the System Event
log for error messages?
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Did you disable any antivirus program from running while installing the
patch? If so, uninstall the patch, shut down any antivirus program and
try reinstalling it. Or just boot into Safe Mode with networking and
install it since your AV program will not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


"Ward Durossette ([email protected])"

After applying this patch and rebooting, my machine locks up on the
WindowsXP
black welcome screen.

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP
newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics
Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing
912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot
before
installing 912919.

 

[~greg]

Hey!
I check my own KB912919.log
and there are some discouraging things in it,
starting with: "DoInstallation: CleanPFR failed: 0x2",
and them some "cab does not exist"s.
The last one is a "RegOpenKeyEx failed with error 0x2".

But before that it says "...\gdi32.dll was delayed; reboot is required."
I did that, and the final status for
"Security Update for Windows XP (KB912919)"
has a green-checkmark after it.

My gdi32.exe currently is:
Product Version: 5.1.2600.2818
and
Date Modified: 12/18/2005

So I don't know!
Most of the other KB logs have similar entries.

I use Norton anti-virus and did not disable it before getting the patch.
But that never seemed to be a problem before.

(I am hesitant to post the whole KB log here since
I don't know what it can reveal about my system.)

~greg
("what, me worried?")

Also forgot to mention.

Could you please check the KB912919.log in %windir% and/or the System Event log for error messages?
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Did you disable any antivirus program from running while installing the patch? If so, uninstall the patch, shut down any
antivirus program and try reinstalling it. Or just boot into Safe Mode with networking and install it since your AV program will
not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

After applying this patch and rebooting, my machine locks up on the WindowsXP
black welcome screen.

:

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing 912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot before
installing 912919.

 

[Jim Pickering]

Again I would say uninstall it, then boot to Safe Mode with networking
support, so your antivirus is not running and try running it again. You
should then get an error free install. Post back if you do not.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Hey!
I check my own KB912919.log
and there are some discouraging things in it,
starting with: "DoInstallation: CleanPFR failed: 0x2",
and them some "cab does not exist"s.
The last one is a "RegOpenKeyEx failed with error 0x2".

But before that it says "...\gdi32.dll was delayed; reboot is required."
I did that, and the final status for
"Security Update for Windows XP (KB912919)"
has a green-checkmark after it.

My gdi32.exe currently is:
Product Version: 5.1.2600.2818
and
Date Modified: 12/18/2005

So I don't know!
Most of the other KB logs have similar entries.

I use Norton anti-virus and did not disable it before getting the patch.
But that never seemed to be a problem before.

(I am hesitant to post the whole KB log here since
I don't know what it can reveal about my system.)

~greg
("what, me worried?")

Also forgot to mention.

Could you please check the KB912919.log in %windir% and/or the System
Event log for error messages?
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Did you disable any antivirus program from running while installing the
patch? If so, uninstall the patch, shut down any
antivirus program and try reinstalling it. Or just boot into Safe Mode
with networking and install it since your AV program will
not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


"Ward Durossette ([email protected])"
message
After applying this patch and rebooting, my machine locks up on the
WindowsXP
black welcome screen.

:

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP
newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics
Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing
912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot
before
installing 912919.

 

[~greg]

as I hoped and prayed...

from here:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/deployment/winupdte.mspx

i gather that the 'fails' in my KB912919.log anyway were benign.

Under: Log Entries That Seem to Be Errors

DoInstallation: CleanPFR failed: 0x2
--This indicates that there were no entries
in the Pending File Rename (PFR) queue,
so there were none to remove.


LoadFileQueues: UpdSpGetSourceFileLocation for halmacpi.dll failed: 0xe0000102
--Known failure, see Non-Error Log Entries.
This package does not contain HAL files,
and since installation continues this is not a true error.

In Function TestVolatileFlag, line 11873, RegOpenKeyEx failed with error 0x2
---Known failure, see Non-Error Log Entries.
0x2 indicates a “not found” error.
Since installation continues this is not a true error.


In Function SetVolatileFlag, line 11789, RegOpenKeyEx failed with error 0x2
-- this one's not mentioned specifically on that web page, but it seems obvious
it naturally follows on the last one.

~
And now my happiness will be perfect,
if anyone's sucessful update resulted in a gdi32.exe with
Product Version: 5.1.2600.2818
and
Date Modified: 12/18/2005



~greg

"Whoever you are, I have always depended on the kindness of strangers."
- Blanche DuBois.

Hey!
I check my own KB912919.log
and there are some discouraging things in it,
starting with: "DoInstallation: CleanPFR failed: 0x2",
and them some "cab does not exist"s.
The last one is a "RegOpenKeyEx failed with error 0x2".

But before that it says "...\gdi32.dll was delayed; reboot is required."
I did that, and the final status for
"Security Update for Windows XP (KB912919)"
has a green-checkmark after it.

My gdi32.exe currently is:
Product Version: 5.1.2600.2818
and
Date Modified: 12/18/2005

So I don't know!
Most of the other KB logs have similar entries.

I use Norton anti-virus and did not disable it before getting the patch.
But that never seemed to be a problem before.

(I am hesitant to post the whole KB log here since
I don't know what it can reveal about my system.)

~greg
("what, me worried?")

Also forgot to mention.

Could you please check the KB912919.log in %windir% and/or the System Event log for error messages?
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Did you disable any antivirus program from running while installing the patch? If so, uninstall the patch, shut down any
antivirus program and try reinstalling it. Or just boot into Safe Mode with networking and install it since your AV program
will
not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


After applying this patch and rebooting, my machine locks up on the WindowsXP
black welcome screen.

:

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing 912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot before
installing 912919.

 

[~greg]

Again I would say uninstall it, then boot to Safe Mode with networking support, so your antivirus is not running and try running
it again. You should then get an error free install. Post back if you do not.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Too late, Jim.
I am convinced now that the update went through ok for me,
in spite of the 'fails'. The 'fails' I got are apparently benign.

And I wouldn't know how to do that --"safe mode with networking support",
--off hand. I should learn how to, someday, but so far I've only
ever gotten updates by Automatic Update, without ever any
problem. (--I keep the service disabled and have to re-enable
it each time, but I'm used to doing that now.)

I have been wanting to learn how to do it more manually,
because somewhere I got the impression that some updates
may be available sooner that way, and maybe some others
aren't available at all any other way (--?)

Anyway, thanks,
~greg

Hey!
I check my own KB912919.log
and there are some discouraging things in it,
starting with: "DoInstallation: CleanPFR failed: 0x2",
and them some "cab does not exist"s.
The last one is a "RegOpenKeyEx failed with error 0x2".

But before that it says "...\gdi32.dll was delayed; reboot is required."
I did that, and the final status for
"Security Update for Windows XP (KB912919)"
has a green-checkmark after it.

My gdi32.exe currently is:
Product Version: 5.1.2600.2818
and
Date Modified: 12/18/2005

So I don't know!
Most of the other KB logs have similar entries.

I use Norton anti-virus and did not disable it before getting the patch.
But that never seemed to be a problem before.

(I am hesitant to post the whole KB log here since
I don't know what it can reveal about my system.)

~greg
("what, me worried?")

Also forgot to mention.

Could you please check the KB912919.log in %windir% and/or the System Event log for error messages?
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


Did you disable any antivirus program from running while installing the patch? If so, uninstall the patch, shut down any
antivirus program and try reinstalling it. Or just boot into Safe Mode with networking and install it since your AV program
will
not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


After applying this patch and rebooting, my machine locks up on the WindowsXP
black welcome screen.

:

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing 912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it & reboot before
installing 912919.

 

[Jim Pickering]

To start Safe Mode, reboot the computer and during startup, hit the F8 key
several times to get the option. In any case, glad to hear it seemingly
went without error, but I think you were looking for "gdi32.dll" and not
gdi32.exe.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Again I would say uninstall it, then boot to Safe Mode with networking
support, so your antivirus is not running and try running it again. You
should then get an error free install. Post back if you do not.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.

Too late, Jim.
I am convinced now that the update went through ok for me,
in spite of the 'fails'. The 'fails' I got are apparently benign.

And I wouldn't know how to do that --"safe mode with networking support",
--off hand. I should learn how to, someday, but so far I've only
ever gotten updates by Automatic Update, without ever any
problem. (--I keep the service disabled and have to re-enable
it each time, but I'm used to doing that now.)

I have been wanting to learn how to do it more manually,
because somewhere I got the impression that some updates
may be available sooner that way, and maybe some others
aren't available at all any other way (--?)

Anyway, thanks,
~greg

Hey!
I check my own KB912919.log
and there are some discouraging things in it,
starting with: "DoInstallation: CleanPFR failed: 0x2",
and them some "cab does not exist"s.
The last one is a "RegOpenKeyEx failed with error 0x2".

But before that it says "...\gdi32.dll was delayed; reboot is required."
I did that, and the final status for
"Security Update for Windows XP (KB912919)"
has a green-checkmark after it.

My gdi32.exe currently is:
Product Version: 5.1.2600.2818
and
Date Modified: 12/18/2005

So I don't know!
Most of the other KB logs have similar entries.

I use Norton anti-virus and did not disable it before getting the patch.
But that never seemed to be a problem before.

(I am hesitant to post the whole KB log here since
I don't know what it can reveal about my system.)

~greg
("what, me worried?")




Also forgot to mention.

Could you please check the KB912919.log in %windir% and/or the System
Event log for error messages?
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be helped.
Thanks.


Did you disable any antivirus program from running while installing
the patch? If so, uninstall the patch, shut down any
antivirus program and try reinstalling it. Or just boot into Safe
Mode with networking and install it since your AV program will
not be running in Safe Mode.
--
Jim Pickering, MVP, Outlook Express
https://mvp.support.microsoft.com/profile=F9F51EF1-4AE3-4D23-B2D8-1171988A62D6
Please deliver feedback to the newsgroup, so that others can be
helped.
Thanks.


"Ward Durossette ([email protected])"
message
After applying this patch and rebooting, my machine locks up on the
WindowsXP
black welcome screen.

:

[Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP
newsgroups.
Follow-to set for microsoft.public.security.]

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics
Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update,
Automatic
Update and the download catalog/links. A reboot is required.

NB:

=> If you unregistered shimgvw.dll, re-register it before installing
912919.

=> If you installed the temporary, third-party patch
(http://www.hexblog.com/2005/12/wmf_vuln.html), uninstall it &
reboot before
installing 912919.

 

[~greg]

To start Safe Mode, reboot the computer and during startup, hit the F8 key several times to get the option.

it's the "with networking support" that I'm in the fog about.


In any case, glad to hear it seemingly

went without error, but I think you were looking for "gdi32.dll" and not gdi32.exe.

oh god you're right!
......

ok - i found gdi32.dll.
and (-good, i think...)
-same Product Version: 5.1.2600.2818
-same Date Modified: 12/18/2005
as gdi32.exe.

 

[~greg]

sorry, i'm tired.

a search in %Windows%
shows four gdi32.dlls
three are the same, with Date Modified: 12/28/2005 9:54 PM
(--not 12/18/2005)
and one of these is in \system32

(- there is one old gdi.exe, from 2002)

the older gdi32.dll
is from 2004, in %Windows%\ServicePackFiles\i386.

 

[Alias]

>



it's the "with networking support" that I'm in the fog about.

It just means you go into safe mode online. Great way to get rid of
viruses, too, doing an online virus scan in that mode.

 

[PA Bear]

Crossposted to Security, Security.HomeUsers, IE6, OE6 and WinXP newsgroups.
Follow-To set for microsoft.public.windowsupdate
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For best help:

1. If you're having problems after installing this *patch*, please post a
new message to this newsgroup:

microsoft.public.windowsupdate

Via the web interface:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windowsupdate

Via your newsreader:
news://msnews.microsoft.com/microsoft.public.windowsupdate

2. If you're having browser problems caused by *hijackware* that used the
exploit addressed by this patch, please post a new message to this
newsgroup:

microsoft.public.security

Via the web interface:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.security

Via your newsreader:
news://msnews.microsoft.com/microsoft.public.security

Thanks.
--
~PA Bear

-----Original Message-----

Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering
Engine Could Allow Remote Code Execution (912919):
http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx

MS06-001 (912919) is available via Windows/Microsoft Update, Automatic
Update and the download catalog/links. A reboot is required.

<snip>

 

[Ottmar Freudenberger]

ok - i found gdi32.dll.
and (-good, i think...)
-same Product Version: 5.1.2600.2818

Fine, that's the one included in the patch.

Nice weekend,
Freudi