Microsoft GDI+ Detection Tool is useless
From: Semjon (skatatschkow_at_hotmail.com)
Date: 10/02/04
- Next message: TexE2u: "16-bit dos sub-system FIX"
- Previous message: S.Sengupta: "Re: Hourglass"
- Next in thread: Alex Nichol: "Re: Microsoft GDI+ Detection Tool is useless"
- Reply: Alex Nichol: "Re: Microsoft GDI+ Detection Tool is useless"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 2 Oct 2004 16:35:07 -0700
I don't get it - MS said that it provided a fix for the JPEG exploit. But all
I can see is this:
It's the Microsoft GDI+ Detection Tool. So I downloaded it, installed it
and...it did absolutely nothing! Isn't it supposed to scan the harddisk for
all gdi libraries, test them for vulnerability and then display the results?
'Cause in my case it didn't - it just displayed a warning about possible
vulnerabilities being present and then redirected me to:
http://www.microsoft.com/security/bulletins/200409_jpeg_tool.mspx
So what? Great help! This page just redirects me to the office update site
plus offers some gdi detection tools for w2k and win2003.
Plus I have no idea how to re-launch the MS gdi detection tool to rescan the
harddisk. The only way to re-start it is to re-install it! So weird. Where
does it copy itself? I can't find it!
Anyway, it doesn't display WHICH programmes are affected. So it's totally
useless.
I found another scanner - http://isc.sans.org/gdiscan.php , this one indeed
scans the harddisks for vulnerable gdi libraries and displays them all in a
list. This really helps, cause now you can react and either update the
affected programmes or uninstall them if no new versions are available. Why
doesn't MS provide such a tool? Instead they offer their useless tool
- Next message: TexE2u: "16-bit dos sub-system FIX"
- Previous message: S.Sengupta: "Re: Hourglass"
- Next in thread: Alex Nichol: "Re: Microsoft GDI+ Detection Tool is useless"
- Reply: Alex Nichol: "Re: Microsoft GDI+ Detection Tool is useless"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
