MikeShaw's WebLog

Developer Security and other stuff

Visual Studio .NET and .NET Framework 1.0 need patching

Hopefully this is old news to everyone, but just in case it isn't...

The JPEG GDI+ buffer overrun vulnerability affects multiple software applications which need to be patch individually. Visual Studio .NET 2002 and 2003 as well as the .NET Framework 1.0 SP2 all need patching following the MS04-028 security bulletin. Here are the most common patches that a developer like you might have installed:

•	Microsoft Visual Studio .NET 2002 and – Download the update (KB830348)
•	Microsoft Visual Studio .NET 2003 – Download the update (KB830348)
•	The Microsoft .NET Framework version 1.0 SDK Service Pack 2 – Download the update (KB867461)
•	Microsoft Platform SDK Redistributable: GDI+ - Download the update

Don’t forget desktop applications like Office and Visio are affected too. Check out this link for a complete list of affected software, there may be more you’ve missed: http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

I shall write more on the topic of why the GDI+ DLL patching has been so tricky in the near future...

ASP.NET Weblogs

This Blog

Syndication

Recent Posts

Tags

UK DPE Colleagues

Archives

MikeShaw's WebLog

Visual Studio .NET and .NET Framework 1.0 need patching

Comments

Leave a Comment