Home / bulletins MS08-052 – Critical: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) - Version:3.0
Posted on 10 December 2008
There is an newer version: MS08-052 - Version: :4.0
CriticalSeverity Rating: Critical - Revision Note: V3.0 (December 9, 2008): Added Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1, Microsoft Expression Web and Microsoft Expression Web 2, and Microsoft Office Groove Server 2007 as Affected Software. Also detailed a detection change for Microsoft SQL Server 2005 Service Pack 2 in the "Why was this bulletin revised on December 9, 2008?" entry in the Frequently Asked Questions (FAQ) Related to this Security Update section.Summary: This security update resolves several privately reported vulnerabilities in Microsoft Windows GDI+. These vulnerabilities could allow remote code execution if a user viewed a specially crafted image file using affected software or browsed a Web site that contains specially crafted content. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-052 - Version: 1.0
- MS08-052 - Version: 2.0
- MS08-052 - Version: 2.1
- MS08-052 - Version: 2.2
- MS08-052 - Version: 3.0
- MS08-052 - Version: 4.0
- MS08-052 - Version: :4.0
