Microsoft KB Archive/923810

= MS07-055: Vulnerability in Kodak Image Viewer could allow remote code execution =

Article ID: 923810

Article Last Modified on 10/22/2007

-

APPLIES TO

 Microsoft Windows XP Service Pack 2, when used with:  Microsoft Windows XP Tablet PC Edition 2005

 Microsoft Windows XP Media Center Edition 2005

 Microsoft Windows XP Home Edition

 Microsoft Windows XP Professional</li></ul> </li> Microsoft Windows Server 2003 Service Pack 2, when used with:  Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition</li></ul>

 Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Web Edition</li></ul> </li> Microsoft Windows Server 2003 Service Pack 1, when used with:  Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul>

 Microsoft Windows Server 2003, Enterprise Edition</li></ul>

 Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul>

<ul> <li>Microsoft Windows Server 2003, Web Edition</li></ul> </li> <li>Microsoft Windows 2000 Advanced Server</li> <li>Microsoft Windows 2000 Datacenter Server</li> <li>Microsoft Windows 2000 Professional Edition</li> <li>Microsoft Windows 2000 Service Pack 4</li></ul>

-

<div class="summary_section">

Microsoft has released security bulletin MS07-055. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites: <ul> <li>Home users:

http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx

</li> <li>IT professionals:

http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx

</li></ul>

Note The Kodak Image Viewer is natively installed only in Windows 2000. It is not natively installed in Windows XP or in Windows Server 2003. However, if you upgraded Windows 2000 to Windows XP or to Windows Server 2003, the Kodak Image Viewer may be installed.

<div class="workaround_section">

WORKAROUND
To work around this problem, uninstall the Kodak Image Viewer.

Note The Kodak Image Viewer may not be listed when you open Add/Remove Windows Components from the Add or Remove Programs item in Control Panel. To uninstall the Kodak Image Viewer, you may have to edit an .inf file so that you can see the imaging component in Add or Remove Programs. To do this, follow these steps: <ol> <li>Use any text editor, such as Notepad, to open the following file:

%Systemroot%\Inf\Sysoc.inf

</li> <li>Find the following text in the Sysoc.inf file:

imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,hide,7

</li> <li>Remove the word &quot;hide&quot; from the text. For example, the edited line from step 2 appears as follows:

imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,,7

</li> <li>Save the Sysoc.inf file.</li> <li>In Control Panel, double-click Add or Remove Programs, and then click Add/Remove Windows Components.</li> <li>Click to clear the check box for the Imaging component, and then click Next. Follow the remaining steps to uninstall the component.</li></ol>

To verify that the Kodak Image Viewer files are removed, locate the following files. If you find these files, delete them:

%Systemroot%t\System32\Oieng400.dll

%ProgramFiles%\Windows NT\Accessories\Imagevue\Kodakimg.exe

%ProgramFiles%\Windows NT\Accessories\Imagevue\Kodakprv.exe

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000

Keywords: kbbug kbfix kbregistry kbsecvulnerability kbqfe kbsecurity kbsecbulletin kbpubtypekc kbwin2000presp5fix kbwinxppresp3fix kbexpertisebeginner kbwinserv2003postsp2fix KB923810

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.