![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hi [H]
I've been patching and monitoring the PC's I administer and I found a handy tool - http://isc.sans.org/gdiscan.php - to check if you are vunerable.
Well, MSO and XP are patched and seem fine. However, it seems that Macromedia's Studio MX 2004 software is not. See the log below:
====
Scanning Drive C:...
)
C:\Program Files\Macromedia\Dreamweaver MX 2004\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Macromedia\Fireworks MX 2004\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Serious Magic\Visual Communicator\Bin\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\ServicePackFiles\i386\sxs.dll
Version: 5.1.2600.1106 <-- Vulnerable version
====
I checked the Macromedia Site and the latest update for Studio MX 2004 (the software that is vunerable) was from Feburary 2004.... not too up to date then.
Does anyone have any idea/patch/suggestions about the best way of dealing with this? If it's "Just don't use the applications affected" then fine. I'm just checking.
The reason I am checking is that after Sasser took our school down (I'd only just started here then) I check everything. I'm trying to cover all bases.
Thanks in advance guys and gals
L
I've been patching and monitoring the PC's I administer and I found a handy tool - http://isc.sans.org/gdiscan.php - to check if you are vunerable.
Well, MSO and XP are patched and seem fine. However, it seems that Macromedia's Studio MX 2004 software is not. See the log below:
====
Scanning Drive C:...
)
C:\Program Files\Macromedia\Dreamweaver MX 2004\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Macromedia\Fireworks MX 2004\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Serious Magic\Visual Communicator\Bin\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\WINDOWS\ServicePackFiles\i386\sxs.dll
Version: 5.1.2600.1106 <-- Vulnerable version
====
I checked the Macromedia Site and the latest update for Studio MX 2004 (the software that is vunerable) was from Feburary 2004.... not too up to date then.
Does anyone have any idea/patch/suggestions about the best way of dealing with this? If it's "Just don't use the applications affected" then fine. I'm just checking.
The reason I am checking is that after Sasser took our school down (I'd only just started here then) I check everything. I'm trying to cover all bases.
Thanks in advance guys and gals
L
