| Patch Name : |
Windows2000-KB938829-x86-ENU.EXE |
| Patch Description : |
Security Update for Windows 2000 (KB938829) |
| Bulletin Id : |
MS07-046 |
| Bulletin Title : |
Vulnerability in GDI Could Allow Remote Code Execution (938829) |
| KnowledgeBase : | 938829 |
| Severity : |
Critical |
| Location Path : | Windows2000-KB938829-x86-ENU.EXE |
| Bulletin Summary: |
This critical security update resolves a privately reported vulnerability. A remote code execution vulnerability exists in the Graphics Rendering Engine in the way that it handles specially crafted images. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user opened a specially crafted attachment in e-mail. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
This is a critical security update for all supported editions of Windows except Windows 2003 Server Service Pack 2 and Windows Vista. This security update addresses the vulnerability by modifying the way that the Graphics Rendering Engine handles images. |
| Superceding Bulletin Id : |
MS08-021 |
| Patch Release Date : |
Aug 14, 2007 |
| CVE Id : | CVE-2007-3034 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Windows 2000 Advanced Server | Windows 2000 Service Pack 4 |
| Windows 2000 Professional | Windows 2000 Service Pack 4 |
| Windows 2000 Server | Windows 2000 Service Pack 4 |
|
| File changes |
|
| File Path |
Version |
| %windir%\system32\gdi32.dll | 5.0.2195.7138 |
| %windir%\system32\mf3216.dll | 5.0.2195.7133 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows 2000\SP5\KB938829 | | -2 |
|
