MS07-055: Vulnerability in Kodak Image Viewer could allow remote code execution

View products that this article applies to.

Microsoft has released security bulletin MS07-055. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

Home users:
http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx (http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx)
IT professionals:
http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx (http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx)

Note The Kodak Image Viewer is natively installed only in Windows 2000. It is not natively installed in Windows XP or in Windows Server 2003. However, if you upgraded Windows 2000 to Windows XP or to Windows Server 2003, the Kodak Image Viewer may be installed.

WORKAROUND

To work around this problem, uninstall the Kodak Image Viewer.

Note The Kodak Image Viewer may not be listed when you open Add/Remove Windows Components from the Add or Remove Programs item in Control Panel. To uninstall the Kodak Image Viewer, you may have to edit an .inf file so that you can see the imaging component in Add or Remove Programs. To do this, follow these steps:

Use any text editor, such as Notepad, to open the following file:
%Systemroot%\Inf\Sysoc.inf
Find the following text in the Sysoc.inf file:
imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,hide,7
Remove the word "hide" from the text. For example, the edited line from step 2 appears as follows:
imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,,7
Save the Sysoc.inf file.
In Control Panel, double-click Add or Remove Programs, and then click Add/Remove Windows Components.
Click to clear the check box for the Imaging component, and then click Next. Follow the remaining steps to uninstall the component.

To verify that the Kodak Image Viewer files are removed, locate the following files. If you find these files, delete them:

%Systemroot%t\System32\Oieng400.dll
%ProgramFiles%\Windows NT\Accessories\Imagevue\Kodakimg.exe
%ProgramFiles%\Windows NT\Accessories\Imagevue\Kodakprv.exe

APPLIES TO

Microsoft Windows XP Service Pack 2, when used with:

Microsoft Windows XP Tablet PC Edition 2005
Microsoft Windows XP Media Center Edition 2005
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Microsoft Windows Server 2003 Service Pack 2, when used with:

Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition

Microsoft Windows Server 2003 Service Pack 1, when used with:

Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition

Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional Edition
Microsoft Windows 2000 Service Pack 4

Back to the top

kbregistry kbwinxppresp3fix kbwin2000presp5fix kbwinserv2003postsp2fix kbexpertisebeginner kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix kbpubtypekc KB923810