Author: JPM, Guest
Posted: Thu Oct 07, 2004 6:47 pm
Post subject: Gdiplus.dll concern - security

One of Microsoft's latest security updates, MS04-028, concerns the buffer overrun/jpg problem which involves updating GDI+. I see that the AutoCAD installation has a couple of instances of gdiplus.dll. Is the buffer overrun of concern in the AutoCAD environment?
Thanks,
JPM

Author: Cy Shuster, Guest
Posted: Fri Oct 08, 2004 1:03 am
Post subject: Re: Gdiplus.dll concern - security

It's my understanding that AutoCAD (and 3ds max) included gdiplus.dll from
Microsoft with those products, since it wasn't always part of the OS. Now
that Microsoft has updated it, you should use the updated DLL (which is
included with XP SP2).
It should be safe to copy the updated DLL to replace any existing
gdiplus.dll's currently installed. If you have XP, I believe that after
installing Microsoft's updated DLL in the Windows folder, you can simply
delete the other copies of the dll, but this might have implications for
uninstall or patching.
The vulnerability comes from opening JPGs, regardless of the calling
program.
--Cy--

From Discreet:
From Late Breaking 3dsmax bulletins @
http://www.discreet.com/support/max/faq/answer.php3?prod=dddstudio&id=862

GDIPlus.dll Security Threat Hotfix
Posted: September 30, 2004

Background:
3ds max uses a DLL called GdiPlus.dll, provided by Microsoft. Older versions
of the file, including that of Discreet, have been discovered to contain a
vulnerability that allows worms/viruses to be executed from within JPG
images.

Resolution:
To resolve this Security Threat:
Go to http://isc.sans.org/gdiscan.php
Download the utility
Run the test
If the result is the same as below, then follow steps 1 or 2 depending on
your OS.

C:\3dsmax6\GdiPlus.dll
Version: 5.1.3100.0

1. For Windows XP, simply delete the file and run a Windows Update.
2. For older versions of Windows, go to Microsoft's website, download the new
GDIPlus.DLL and replace the older one.

More information at:
http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

"JPM" <nospam@address.withheld> wrote in message
news:7959257.1097160488081.JavaMail.jive@jiveforum1.autodesk.com...
Quote:
One of Microsoft's latest security updates, MS04-028, concerns the buffer
overrun/jpg problem which involves updating GDI+. I see that the AutoCAD
installation has a couple of instances of gdiplus.dll. Is the buffer
overrun of concern in the AutoCAD environment?
Thanks,
JPM
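
The check the bulletin in the post above describes (find each copy of gdiplus.dll and read its version), written as a PowerShell inventory. This is an added example, not part of the thread and not the SANS utility; the function name, the default search folders and the optional MinimumVersion parameter are assumptions.

```powershell
# Added example, not from the thread. Function and parameter names are illustrative.
function Find-GdiPlusCopies {
    param(
        # Folders to search; these defaults are assumptions, adjust to your installs.
        [string[]]$Root = @($env:SystemRoot, $env:ProgramFiles, 'C:\3dsmax6'),
        # Version the Discreet bulletin shows as the result that needs action.
        [version]$FlaggedVersion = '5.1.3100.0',
        # Optional: fixed version taken from MS04-028 for your OS (not given in the thread).
        [version]$MinimumVersion
    )
    foreach ($dir in $Root) {
        # Skip empty entries and folders that do not exist on this machine.
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
        Get-ChildItem -LiteralPath $dir -Filter 'gdiplus.dll' -Recurse -Force -ErrorAction SilentlyContinue |
            Where-Object { -not $_.PSIsContainer } |
            ForEach-Object {
                $vi = $_.VersionInfo
                # Build the version from its numeric parts; the FileVersion
                # string can carry extra text after the number.
                $ver = New-Object System.Version -ArgumentList @(
                    $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
                $status = 'Review'
                if ($ver -eq $FlaggedVersion) {
                    $status = 'Flagged by bulletin'
                } elseif ($MinimumVersion) {
                    if ($ver -lt $MinimumVersion) { $status = 'Older than minimum' } else { $status = 'OK' }
                }
                # One record per copy found, so results from many machines can be merged.
                New-Object PSObject -Property @{
                    Computer = $env:COMPUTERNAME
                    Path     = $_.FullName
                    Version  = $ver.ToString()
                    Status   = $status
                }
            }
    }
}

Find-GdiPlusCopies | Sort-Object Path | Format-Table Computer, Version, Status, Path -AutoSize
```

Piping the function's output to Export-Csv instead of Format-Table gives one file per workstation that can be merged into a single inventory.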

Author: Bud Schroeder [Autodesk I, Guest
Posted: Fri Oct 08, 2004 6:08 am
Post subject: Re: Gdiplus.dll concern - security

Hello,
As Cy pointed out, you can use the latest version of this file from
Microsoft. We are still doing some testing on this, but that is the solution
here. Once we have finished testing this, a solution will be posted to the
WEB Site.
Hope this helps and thanks for posting to the News Groups.
Bud Schroeder
AutoCAD Test Development
Autodesk Inc.

"JPM" <nospam@address.withheld> wrote in message
news:7959257.1097160488081.JavaMail.jive@jiveforum1.autodesk.com...
Quote:
One of Microsoft's latest security updates, MS04-028, concerns the buffer
overrun/jpg problem which involves updating GDI+. I see that the AutoCAD
installation has a couple of instances of gdiplus.dll. Is the buffer
overrun of concern in the AutoCAD environment?
Thanks,
JPM

Author: JPM, Guest
Posted: Mon Oct 11, 2004 10:11 pm
Post subject: Re: Gdiplus.dll concern - security

Cy and Bud,
Thanks for your responses. I look forward to the results of Autodesk's tests.
It is unfortunate that it will be a bit of a problem to distribute the patch to all of my users (100+), but I will have to work on that.
JPM