GDI+ Exploit

JingleBells · Oct 2, 2004

I downloaded the scanning tool: Slashdot article,
and its results say i have these two dlls:
C:\program files\Symantec\Web Tools\GDIPlus.dll
C:\program files\WS_FTP Pro\gdiplus.dll
that are vulnerable to the GDI exploit. Can i just replace them with a newer version of GDIPlus.dll?

Xavier · Oct 3, 2004

If you've patched Windows via Windows Update you shouldn't have any worries as the machine will use the copy of GDIPlus within windows/system32 over copies supplied within application folders...

go! update!

http://windowsupdate.microsoft.com

JingleBells · Oct 3, 2004

Ran windows update ages ago when the exploit was first announced, nowt new on there, check most days, scanner still says that WS-FTP and Symantec have old versions of the dll, I had to go on quite a hunt through the windows site to find the relevant office and VS patches though.
Live Update hasn't updated the dll, and to update WS-FTP will require me to get the latest version (v9 as opposed to v8).

Xavier · Oct 3, 2004

as a test, I'd rename the old copies and see if it forces the apps to use the native windows version...

GDI+ Exploit

JingleBells

FH is my second home

Xavier

Can't get enough of FH

JingleBells

FH is my second home

Xavier

Can't get enough of FH

Users who are viewing this thread