MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution (948590)

How to?

Support

Download

Website

Forums

Live Demo

Patch Management Software

Desktop Central helps administrators to automate patch deployment of both Microsoft and Non-Microsoft Applications from a central point.

MS08-021 Bulletin Details

Microsoft Security Bulletins

Bulletin ID:	MS08-021
Title	Vulnerabilities in GDI Could Allow Remote Code Execution (948590)
Summary:	Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This is a critical security update for Microsoft Windows 2000 Service Pack 4, and all supported releases of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. This security update addresses the vulnerability by modifying the way that GDI handles integer calculations and string parameters.
Knowledgebase:	948590

List of Patches

S.No	Patch Name	Severity
1.	Windows2000-KB948590-x86-ENU.EXE	Critical
2.	WindowsServer2003-KB948590-x86-ENU.exe	Critical
3.	WindowsServer2003-SP2-KB948590-x86-ENU.exe	Critical
4.	WindowsXP-KB948590-x86-ENU.exe	Critical
5.	WindowsXP-KB948590-x64-ENU.exe	Critical
6.	Windows6.0-KB948590-x86.msu	Critical
7.	WindowsServer2003.WindowsXP-KB948590-x64-ENU.exe	Critical
8.	WindowsServer2003-SP2.WindowsXP-KB948590-x64-ENU.exe	Critical
9.	Windows-2008-6.0-KB948590-x86.msu	Critical
10.	Windows6.0-KB948590-x64.msu	Critical
11.	Windows-6.0-KB948590-x64.msu	Critical
12.	Windows6.0-sp1-KB948590-x64.msu	Critical

Patch Mgmt Features

Desktop Mgmt Features

Forums

Disclaimer: This webpage is intended to provide you information about patch announcements for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors' websites. You can get more information by clicking the links to visit the relevant pages on the vendors' websites. Desktop Central is NOT endorsed by the vendors of the software products.