Not in code

Software is about people

Archive for the ‘Security’ tag

GDIPlus Scanning Tool from Sans.org


I recently ranted about the shocking GDIplus.dll JPEG processing vulnerability on this blog. Since then Microsoft has released a tool, delivered through Windows Update, that scans for vulnerable versions of this DLL. Unfortunately, because the tool is incomplete, it only gives people a false sense of security.

The good people at sans.org have released their own tool, which appears to be much better than Microsoft’s. I recommend running this tool at least once on your Windows PC, and then again each time you install any application that *may* install its own copy of the DLL (i.e., potentially *any* application that does JPEG processing). Of course, it’s worth making sure that you have installed all vendor updates before you run the tool, as they may well fix the vulnerability. Also, please read the sans.org web page carefully before you run their tool, as there are some instances where it is “OK” if a vulnerable instance of the DLL is found on your computer.
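The reason a one-off scan of the system directory is not enough is that applications can ship a private copy of gdiplus.dll alongside their own files, so every such copy has to be found and its version checked. The script below is an added example of that inventory step in PowerShell; it is not the sans.org tool or Microsoft’s scanner, and the version threshold it compares against is a placeholder that must be replaced with the fixed-version number from the vendor advisory, since the page does not state one.

```powershell
# Added example, not the sans.org or Microsoft scanner: list every copy of a
# DLL on the local fixed drives, with its file version and SHA-256, so that
# private copies installed by individual applications are not overlooked.
param(
    [string]$DllName = 'gdiplus.dll',
    # PLACEHOLDER: the first non-vulnerable file version is NOT given on this
    # page; take it from the vendor security bulletin before relying on Status.
    [version]$MinimumSafeVersion = '0.0.0.0'
)

# Roots of all file-system drives (removable or empty drives just yield no hits).
$roots = Get-PSDrive -PSProvider FileSystem | ForEach-Object { $_.Root }

# Find every file with that name; hidden/system directories are included (-Force),
# access-denied errors are skipped rather than aborting the whole sweep.
$hits = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Filter $DllName -Recurse -File -Force -ErrorAction SilentlyContinue
}

$report = foreach ($f in $hits) {
    $vi = $f.VersionInfo
    # Build the version from the numeric parts: the FileVersion string often
    # carries trailing build text that [version] cannot parse.
    $ver = [version]('{0}.{1}.{2}.{3}' -f $vi.FileMajorPart, $vi.FileMinorPart,
                                          $vi.FileBuildPart, $vi.FilePrivatePart)
    $status = if ($ver -lt $MinimumSafeVersion) { 'CHECK' } else { 'ok' }

    [pscustomobject]@{
        Status       = $status
        Version      = $ver
        LastWrite    = $f.LastWriteTime
        SHA256       = (Get-FileHash -Path $f.FullName -Algorithm SHA256).Hash
        Path         = $f.FullName
    }
}

# Oldest versions first, so anything needing attention is at the top.
$report | Sort-Object Version | Format-Table -AutoSize

$flagged = @($report | Where-Object { $_.Status -eq 'CHECK' }).Count
Write-Host ("{0} copies of {1} found, {2} below the configured safe version." -f
            @($report).Count, $DllName, $flagged)
```

Run it again after each application install, as the post recommends; the hash column makes it easy to spot a copy that was overwritten by an installer even when the version number looks unchanged.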

Additionally, for users of Macromedia’s MX line of products: Macromedia recently released this security bulletin, which states that their products are not affected by the vulnerability.

Thanks go to my ever dependable colleague Rob for showing me the sans.org tool.

Written by hiremaga

September 28th, 2004 at 9:25 am

Posted in Uncategorized


OMIGOD


A quote from the page on Microsoft’s site describing the recent JPEG processing vulnerability in GDI+:

Could I still be vulnerable even after I have installed all required security updates?
Yes. …(long list of reasons why)…

Please find me a tall building to jump from…

Will blog some more about this when (and if) I find an effective way to patch multiple machines + programs without shelling out big $$$

Written by hiremaga

December 9th, 2003 at 4:01 pm

Posted in Uncategorized


Security Bulletins via RSS


I discovered the Microsoft Security Bulletins RSS feed today. I’ve added it to my list of channels in FeedDemon.

It makes sense that they would use an RSS feed for their security bulletins; it involves a much lower overhead than individual emails. I guess it’s not that different from the concept of “newsgroups” (hmm, I wonder if you can get access to popular newsgroups via RSS?).

Note to self: Look for more security related RSS feeds after my exam next week.

Written by hiremaga

December 6th, 2003 at 11:00 am

Posted in Uncategorized
