https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/923810&feed=atom&action=history
Microsoft KB Archive/923810 - Revision history
2024-03-29T12:55:38Z
Revision history for this page on the wiki
MediaWiki 1.39.3
https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/923810&diff=223279&oldid=prev
3155ffGd: importing KB archive
2020-07-18T17:32:24Z
<p>importing KB archive</p>
<p><b>New page</b></p><div><div id="nsbanner"><br />
<br />
<div id="bannerrow1"><br />
<br />
{|<br />
| Knowledge Base<br />
|<br />
|}<br />
<br />
<br />
</div><br />
<div id="TitleRow"><br />
<br />
= <span id="KB923810"></span>MS07-055: Vulnerability in Kodak Image Viewer could allow remote code execution =<br />
<br />
<br />
</div><br />
<br />
</div><br />
<div id="nstext" valign="BOTTOM"><br />
<br />
Article ID: 923810<br />
<br />
Article Last Modified on 10/22/2007<br />
<br />
<br />
-----<br />
<br />
APPLIES TO<br /><br />
<br /><br />
<br />
<ul><br />
<li>Microsoft Windows XP Service Pack 2, when used with:<br />
<ul><br />
<li>Microsoft Windows XP Tablet PC Edition 2005</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows XP Media Center Edition 2005</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows XP Home Edition</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows XP Professional</li></ul><br />
</li><br />
<li>Microsoft Windows Server 2003 Service Pack 2, when used with:<br />
<ul><br />
<li>Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows Server 2003, Enterprise Edition</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows Server 2003, Web Edition</li></ul><br />
</li><br />
<li>Microsoft Windows Server 2003 Service Pack 1, when used with:<br />
<ul><br />
<li>Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows Server 2003, Enterprise Edition</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows Server 2003, Standard Edition (32-bit x86)</li></ul><br />
<br />
<ul><br />
<li>Microsoft Windows Server 2003, Web Edition</li></ul><br />
</li><br />
<li>Microsoft Windows 2000 Advanced Server</li><br />
<li>Microsoft Windows 2000 Datacenter Server</li><br />
<li>Microsoft Windows 2000 Professional Edition</li><br />
<li>Microsoft Windows 2000 Service Pack 4</li></ul><br />
<br />
<br />
-----<br />
<br />
<div class="summary_section"><br />
<br />
Microsoft has released security bulletin MS07-055. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:<br />
<ul><br />
<li>Home users:<br />
<div class="indent"><br />
<br />
<p>http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx</p><br />
<br />
</div></li><br />
<li>IT professionals:<br />
<div class="indent"><br />
<br />
<p>http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx</p><br />
<br />
</div></li></ul><br />
<br />
'''Note''' The Kodak Image Viewer is natively installed only in Windows 2000. It is not natively installed in Windows XP or in Windows Server 2003. However, if you upgraded Windows 2000 to Windows XP or to Windows Server 2003, the Kodak Image Viewer may be installed.<br />
<br />
</div><br />
<div class="workaround_section"><br />
<br />
== WORKAROUND ==<br />
<br />
To work around this problem, uninstall the Kodak Image Viewer.<br /><br />
<br /><br />
'''Note''' The Kodak Image Viewer may not be listed when you open '''Add/Remove Windows Components''' from the '''Add or Remove Programs''' item in '''Control Panel'''. To uninstall the Kodak Image Viewer, you may have to edit an .inf file so that you can see the imaging component in '''Add or Remove Programs'''. To do this, follow these steps:<br />
<ol><br />
<li>Use any text editor, such as Notepad, to open the following file:<br />
<div class="indent"><br />
<br />
<p>%Systemroot%\Inf\Sysoc.inf</p><br />
<br />
</div></li><br />
<li>Find the following text in the Sysoc.inf file:<br />
<div class="indent"><br />
<br />
<p>imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,hide,7</p><br />
<br />
</div></li><br />
<li>Remove the word &quot;hide&quot; from the text. For example, the edited line from step 2 appears as follows:<br />
<div class="indent"><br />
<br />
<p>imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,,7</p><br />
<br />
</div></li><br />
<li>Save the Sysoc.inf file.</li><br />
<li>In Control Panel, double-click '''Add or Remove Programs''', and then click '''Add/Remove Windows Components'''.</li><br />
<li>Click to clear the check box for the '''Imaging''' component, and then click '''Next'''. Follow the remaining steps to uninstall the component.</li></ol><br />
<br />
To verify that the Kodak Image Viewer files are removed, locate the following files. If you find these files, delete them:<br />
<div class="indent"><br />
<br />
%Systemroot%t\System32\Oieng400.dll<br /><br />
%ProgramFiles%\Windows NT\Accessories\Imagevue\Kodakimg.exe<br /><br />
%ProgramFiles%\Windows NT\Accessories\Imagevue\Kodakprv.exe<br /><br />
<br />
<br />
<br />
</div><br />
<br />
</div><br />
<br /><br />
<br />
Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000<br />
<br />
Keywords: kbbug kbfix kbregistry kbsecvulnerability kbqfe kbsecurity kbsecbulletin kbpubtypekc kbwin2000presp5fix kbwinxppresp3fix kbexpertisebeginner kbwinserv2003postsp2fix KB923810<br />
<br />
<div class="footer"><br />
<br />
<br /><br />
<br />
<br />
-----<br />
<br />
[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]<br />
<br />
<span>© Microsoft Corporation. All rights reserved.</span><br />
<br />
<br />
</div><br />
<br />
</div></div>
3155ffGd