| Patch Name : |
WindowsXP-SP3-KB956802-x86-ENU.exe |
| Patch Description : |
Security Update for Windows XP (KB956802) |
| Bulletin Id : |
MS08-071 |
| Bulletin Title : |
Vulnerabilities in GDI Could Allow Remote Code Execution (956802) |
| KnowledgeBase : | 956802 |
| Severity : |
Critical |
| Location Path : | WindowsXP-SP3-KB956802-x86-ENU.exe |
| Bulletin Summary: |
This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
| Superceding Bulletin Id : |
None |
| Patch Release Date : |
Dec 9, 2008 |
| CVE Id : | CVE-2008-2249 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Windows XP Professional | Windows XP Service Pack 3 |
|
| File changes |
|
| File Path |
Version |
| %windir%\system32\Gdi32.dll | 5.1.2600.5698 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB956802 | | -2 |
|
