MS07-017: Vulnerability in GDI could allow remote code execution

MS07-017: Vulnerability in GDI could allow remote code execution

Article ID : 925902
Last Review : December 3, 2007
Revision : 6.5
On This Page

Microsoft has released security bulletin MS07-017. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

• Home users:

http://www.microsoft.com/athome/security/update/bulletins/200704oob.mspx (http://www.microsoft.com/athome/security/update/bulletins/200704oob.mspx)
• IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms07-017.mspx (http://www.microsoft.com/technet/security/bulletin/ms07-017.mspx)

Back to the top

Known issues

• Microsoft is aware of an issue that affects a limited number of printer drivers. When you try to print by using one of these drivers, you may experience the following symptoms:

• Your computer automatically restarts.
• After you log on, you receive the following error message:

Microsoft Windows
The system has recovered from a serious error.A log of this error has been created. Please tell Microsoft about this problem.We have created an error report that you can send to help us improve Microsoft Windows. We will treat this report as confidential and anonymous. To see what data this error report contains, click here.

When you click the link at the bottom of the message box, you see error signature information that resembles the following:

BCCode : 0x0000007f (0x00000000, 0x00000000, 0x00000000, 0x00000000) OSVer : 5_1_2600 SP : 0_0 Product : 256_1
• You receive the following Stop error message:

A problem has been detected and Windows has been shut down to prevent damage to your computer…
Technical information:

*** Stop 0x0000007f (0x00000000, 0x00000000, 0x00000000, 0x00000000) UNEXPECTED_KERNEL_MODE_TRAP

For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

935843 (/Feedback.aspx?kbNumber=935843/) Stop 0x0000007F error when you print from Windows XP or Windows 2000 with GDI security update 925902 installed
• After you install this security update on a computer that is running Windows XP with Service Pack 2, certain third-party applications may not start. Additionally, you receive an error message that resembles the following:

application_executable_name – Illegal System DLL Relocation
The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C: Windows System32 Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.

For more information about this issue, and to see a list of third-party programs that Microsoft has confirmed are affected by this problem, click the following article number to view the article in the Microsoft Knowledge Base:

935448 (/Feedback.aspx?kbNumber=935448/) Certain programs may not start, and you receive an error message on a computer that is running Windows XP Service Pack 2: Illegal System DLL Relocation

If you receive a similar message when you use other programs, install update 935448. If we confirm that other programs are affected by this problem, we will update Microsoft Knowledge Base article 935448 with more information.

Back to the top

Technical revisions

The revision number and the review dates for this article may reflect minor editorial revisions or structural revisions to this content. The major technical revisions to this content are listed in this table.

Date Revisions
April 17, 2007 Updated the Known issues section to include information about a Stop error that you may receive after you install this security update. Added this table.

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Back to the top


APPLIES TO
• Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
• Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
• Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
• Microsoft Windows Server 2003 R2 Standard x64 Edition
• Microsoft Windows Server 2003 R2 Enterprise x64 Edition
• Microsoft Windows Server 2003 R2 Datacenter x64 Edition
• Microsoft Windows Server 2003, Standard x64 Edition
• Microsoft Windows Server 2003, Enterprise x64 Edition
• Microsoft Windows Server 2003, Datacenter x64 Edition
• Microsoft Windows Server 2003 Service Pack 1, when used with:
    Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    Microsoft Windows Server 2003, Web Edition
    Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    Microsoft Windows Small Business Server 2003 Standard Edition
• Microsoft Windows Server 2003 Service Pack 2, when used with:
    Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    Microsoft Windows Server 2003, Web Edition
    Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    Microsoft Windows Server 2003, Standard x64 Edition
    Microsoft Windows Server 2003, Enterprise x64 Edition
    Microsoft Windows Server 2003, Datacenter x64 Edition
    Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
    Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
    Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
    Microsoft Windows Server 2003 R2 Standard x64 Edition
    Microsoft Windows Server 2003 R2 Enterprise x64 Edition
    Microsoft Windows Server 2003 R2 Datacenter x64 Edition
• Microsoft Windows XP Tablet PC Edition 2005
• Microsoft Windows XP Media Center Edition 2005
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Service Pack 2, when used with:
    Microsoft Windows XP Professional
    Microsoft Windows XP Home Edition
    Microsoft Windows XP Professional x64 Edition
• Microsoft Windows 2000 Service Pack 4, when used with:
    Microsoft Windows 2000 Datacenter Server
    Microsoft Windows 2000 Advanced Server
    Microsoft Windows 2000 Server
    Microsoft Windows 2000 Professional Edition
• Microsoft Small Business Server 2000 Standard Edition
• Windows Vista Ultimate
• Windows Vista Enterprise
• Windows Vista Business
• Windows Vista Home Premium
• Windows Vista Home Basic
• Windows Vista Starter
• Windows Vista Ultimate 64-bit Edition
• Windows Vista Enterprise 64-bit Edition
• Windows Vista Home Premium 64-bit Edition
• Windows Vista Home Basic 64-bit Edition

Back to the top

Keywords: 
kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbsecbulletin kbpubtypekc kbwin2000presp5fix kbexpertiseinter kbexpertisebeginner KB925902

Back to the top

 

Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
Microsoft Corporation. All rights reserved. Terms of Use | Trademarks


You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

AddThis Social Bookmark Button

Leave a Reply

*
To prove that you're not a bot, enter this code
Anti-Spam Image