Microsoft releases 2 GDI+ program downloads for VFP 8.0

[dbMark]

This may not be news for most of you, but a couple months ago Microsoft released an updated GDIplus.dll that fixed a security vulnerability in that DLL. At first glance today's security downloads for Visual FoxPro 8.0 below provide a standard way to upgrade that version, and a reminder to update distributed programs currently in use.

Microsoft Security Bulletin MS04-028 Buffer overrun in JPEG processing (GDI+) could allow code execution resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system.

http://support.microsoft.com/?kbid=833987

Microsoft Visual FoxPro 8.0 update (KB887684)

http://www.microsoft.com/downloads/...71-596C-4E33-9EAF-F9A2E4D4DAD0&displaylang=en

Microsoft Visual FoxPro 8.0 Runtime Library update (KB887685)

http://www.microsoft.com/downloads/...26-F562-428C-A7FD-078826E75513&displaylang=en

Note When this program is installed on Windows XP or Windows Server 2003, it uses the operating system version of the vulnerable component. If you use this program on Windows XP, Windows XP Service Pack 1 or Windows Server 2003, make sure that you install the operating system version of the security update. If you use this program on other operating systems, make sure that you install the update for this program.

However, if you use this program to create applications that distribute a version of the Gdiplus.dll file, you have to install this security update even if you use Windows XP or Windows Server 2003. When this update is installed the vfp_gdiplus.msm file is installed. This file is used to create applications that distribute a copy of the Gdiplus.dll file. An application developer can use the updated vfp_gdiplus.msm file to rebuild their application to use the updated version of the Gdiplus.dll file.

dbMark