Microsoft released a new tool, Enterprise Update Scanning Tool, that can help help you scan your systems for DLLs that are vulnerable to JPEG GDI+ exploits. The tool also updates the outdated DLLs discovered in the scanning process.
For more information about the JPEG GDI+ vulnerability read Microsoft bulletin MS04-028. You can read article 886988 for more information about the new tool, and if you use Systems Management Server then read article 885920 instead since it contains information about obtaining and using the tool in an SMS environment. The articles contain detailed information and instructions on how to use the tool as well as links to download a copy.
Microsoft also released a new article, "GDI+ 1.0 Security Update Overview," which offers an overview of the recent GDI+ fixes. Also included in the article are "an outline of the buffer overrun vulnerability and information necessary to help you identify applications at risk" as well as information on APIs that expose risk.
