Microsoft KB Archive/925902

From BetaArchive Wiki
Knowledge Base


MS07-017: Vulnerability in GDI could allow remote code execution

Article ID: 925902

Article Last Modified on 12/3/2007



APPLIES TO

  • Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
  • Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
  • Microsoft Windows Server 2003 R2 Standard x64 Edition
  • Microsoft Windows Server 2003 R2 Enterprise x64 Edition
  • Microsoft Windows Server 2003 R2 Datacenter x64 Edition
  • Microsoft Windows Server 2003, Standard x64 Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Server 2003, Datacenter x64 Edition
  • Microsoft Windows Server 2003 Service Pack 1, when used with:
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows Small Business Server 2003 Standard Edition
  • Microsoft Windows Server 2003 Service Pack 2, when used with:
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows Server 2003, Standard x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
    • Microsoft Windows Server 2003, Datacenter x64 Edition
    • Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
    • Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
    • Microsoft Windows Server 2003 R2 Standard x64 Edition
    • Microsoft Windows Server 2003 R2 Enterprise x64 Edition
    • Microsoft Windows Server 2003 R2 Datacenter x64 Edition
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Small Business Server 2003 Standard Edition
  • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows XP Tablet PC Edition 2005
  • Microsoft Windows XP Media Center Edition 2005
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Service Pack 2, when used with:
    • Microsoft Windows XP Professional
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows 2000 Service Pack 4, when used with:
    • Microsoft Windows 2000 Datacenter Server
    • Microsoft Windows 2000 Advanced Server
    • Microsoft Windows 2000 Server
    • Microsoft Windows 2000 Professional Edition
  • Microsoft Small Business Server 2000 Standard Edition
  • Windows Vista Ultimate
  • Windows Vista Enterprise
  • Windows Vista Business
  • Windows Vista Home Premium
  • Windows Vista Home Basic
  • Windows Vista Starter
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Home Basic 64-bit Edition



Microsoft has released security bulletin MS07-017. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

Known issues

  • Microsoft is aware of an issue that affects a limited number of printer drivers. When you try to print by using one of these drivers, you may experience the following symptoms:
    • Your computer automatically restarts.
    • After you log on, you receive the following error message:

      Microsoft Windows
      The system has recovered from a serious error. A log of this error has been created. Please tell Microsoft about this problem. We have created an error report that you can send to help us improve Microsoft Windows. We will treat this report as confidential and anonymous. To see what data this error report contains, click here.

      When you click the link at the bottom of the message box, you see error signature information that resembles the following:

      BCCode : 0x0000007f (0x00000000, 0x00000000, 0x00000000, 0x00000000) OSVer : 5_1_2600 SP : 0_0 Product : 256_1

    • You receive the following Stop error message:

      A problem has been detected and Windows has been shut down to prevent damage to your computer...
      Technical information:

          • Stop 0x0000007f (0x00000000, 0x00000000, 0x00000000, 0x00000000) UNEXPECTED_KERNEL_MODE_TRAP

    For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

    935843 Stop 0x0000007F error when you print from Windows XP or Windows 2000 with GDI security update 925902 installed

  • After you install this security update on a computer that is running Windows XP with Service Pack 2, certain third-party applications may not start. Additionally, you receive an error message that resembles the following:

    application_executable_name - Illegal System DLL Relocation
    The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.

    For more information about this issue, and to see a list of third-party programs that Microsoft has confirmed are affected by this problem, click the following article number to view the article in the Microsoft Knowledge Base:

    935448 Certain programs may not start, and you receive an error message on a computer that is running Windows XP Service Pack 2: "Illegal System DLL Relocation"

    If you receive a similar message when you use other programs, install update 935448. If we confirm that other programs are affected by this problem, we will update Microsoft Knowledge Base article 935448 with more information.


Technical revisions

The revision number and the review dates for this article may reflect minor editorial revisions or structural revisions to this content. The major technical revisions to this content are listed in this table.

Date Revisions
April 17, 2007 Updated the "Known issues" section to include information about a Stop error that you may receive after you install this security update. Added this table.

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.


Additional query words: security_patch security_update bug flaw malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE Win2000

Keywords: kbexpertiseinter kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbwin2000presp5fix kbpubtypekc KB925902