Saturday 25 September 2004

GDI Scanner Released

If you were one of those who downloaded and used Microsoft's GDI+ Detection Tool, you may have noticed that it only scans Microsoft Software; specifically, those installed via the MSI Installer.

You can prove this for yourself by downloading either filemon or regmon from sysinternals and watching the output fly by (you can filter if you wish).

If you are wondering if there is a way to scan your non-Microsoft software for the JPEG GDI+ vulnerability, then you will be glad to know that SANS Internet Security Center has released a GDI Scanner that goes beyond Microsoft's GDI+ Detection Tool and reveals which of your non-Microsoft Software is vulnerable to the JPEG GDI+ exploit.

Unfortunately, I am unable to advise on how to get those non-Microsoft softwares patched; you will have to check with the vendor.

In other related news (this really belongs in my linkblog), it looks like a University Professor is going to teach a fall course titled "Computer Viruses and Malware". Part of the course involves his undergraduate students writing some malicious code.

We live in interesting times.

Related Reading