Full Disclosure mailing list archives
SV: Sans GDI scan says still vulnerable after patching
From: "Peter Kruse" <kruse () krusesecurity dk>
Date: Wed, 6 Oct 2004 18:30:38 +0200
Hi Billy, Copy your updated gdiplus.dll file and overwrite the vulnerable DLL's. Please note that this procedure might provent third part software from working proberly.
F:\WINDOWS\system32\dllcache\sxs.dll
See: http://support.microsoft.com/?kbid=236995
F:\WINDOWS\system32\sxs.dll
This usally occurs when third part software is installed on the system. Their DLL's might be based upon the vulnerable version from MS. You shold make a backup of the vulnerable DLL's and overwite them with the new patched version. If this doesn't give any problems, with any other software you've installed, you can always delete the backup. Regards Peter Kruse http://www.csis.dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Sans GDI scan says still vulnerable after patching BillyBobKnob (Oct 06)
- RE: Sans GDI scan says still vulnerable after patching Alan Melia (Melmac) (Oct 06)
- SV: Sans GDI scan says still vulnerable after patching Peter Kruse (Oct 06)
- <Possible follow-ups>
- RE: Sans GDI scan says still vulnerable after patching Todd Towles (Oct 06)