You are currently offline, waiting for your internet to reconnect

MS09-062: Vulnerabilities in GDI+ could allow remote code execution

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Office 2003 has ended

Microsoft ended support for Office 2003 on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Extended support for SQL Server 2005 ends on April 12, 2016

If you are still running SQL Server 2005 after April 12, 2016, you will no longer receive security updates and technical support. We recommend upgrading to SQL Server 2014 and Azure SQL Database to achieve breakthrough performance, maintain security and compliance, and optimize your data platform infrastructure. Learn more about the options for upgrading from SQL Server 2005 to a supported version here.

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
INTRODUCTION
Microsoft has released security bulletin MS09-062. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION

Known issues and additional information about this security update

For more information about this security update and for information about any known issues with specific releases of this software, click the following article number to view the article in the Microsoft Knowledge Base:
958869 MS09-062: Description of the security update for GDI+ for all editions of Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008 and for Windows Server 2000 with Internet Explorer 6 Service Pack 1: October 13, 2009
970892 MS09-062: Description of the security update for SQL Server 2005 Service Pack 3 GDR: October 13, 2009
970894MS09-062: Description of the security update for SQL Server 2005 Service Pack 3 QFE: October 13, 2009
970895MS09-062: Description of the security update for GDI+ for SQL Server 2005 Service Pack 2 GDR: October 13, 2009
970896MS09-062: Description of the security update for SQL Server 2005 Service Pack 2 QFE: October 13, 2009
970899MS09-062: Description of the security update for GDI+ for SQL Server 2000 Reporting Services Service Pack 2: October 13, 2009
971022 MS09-062: Description of the security update for Microsoft Visual Studio 2003 Service Pack 1: October 13, 2009
971023 MS09-062: Description of the security update for Microsoft Visual Studio 2005 Service Pack 1: October 13, 2009
971104 MS09-062: Description of the security update for Microsoft Visual FoxPro 8.0 Service Pack 1: October 13, 2009
971105 MS09-062: Description of the security update for Microsoft Visual FoxPro 9.0 Service Pack 2: October 13, 2009
971108 MS09-062: Description of the security update for Microsoft .NET Framework 1.1 Service Pack 1: October 13, 2009
971110 MS09-062: Description of the security update for Microsoft .NET Framework 2.0 Service Pack 1: October 13, 2009
971111 MS09-062: Description of the security update for Microsoft .NET Framework 2.0 Service Pack 2: October 13, 2009
971117 MS09-062: Description of the security update for Microsoft Report Viewer 2005 Service Pack 1 Redistributable Package: October 13, 2009
971118 MS09-062: Description of the security update for Microsoft Report Viewer 2008 Redistributable Package: October 13, 2009
971119 MS09-062: Description of the security update for Microsoft Report Viewer 2008 Service Pack 1 Redistributable Package: October 13, 2009
972221 MS09-062: Description of the security update for Microsoft Visual Studio 2008: October 13, 2009
972222 MS09-062: Description of the security update for Microsoft Visual Studio 2008 Service Pack 1: October 13, 2009
972580 MS09-062: Description of the security update for Office 2003: October 13, 2009
972581 MS09-062: Description of the security update for the 2007 Office system: October 13, 2009
974811 MS09-062: Description of the security update for Office XP: October 13, 2009
973636 MS09-062: Description of the security update for Microsoft Works 8: October 13, 2009
975337 MS09-062: Description of the security update for GDI+ for Microsoft Platform SDK Redistributable: October 13, 2009
975365MS09-062: Description of the security update for GDI+ for Microsoft Visio 2002: October 13, 2009
975962 MS09-062: Description of the security update for Forefront Client Security on Windows 2000: October 13, 2009


Note In addition to the products listed in the Applies To section, this update also applies to Microsoft Report Viewer Redistributable 2008 SP1.
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 957488 - Last Review: 05/09/2012 17:18:00 - Revision: 4.0

Windows Server 2008 Service Pack 2, Windows Server 2008 Datacenter without Hyper-V, Windows Server 2008 Enterprise without Hyper-V, Windows Server 2008 for Itanium-Based Systems, Windows Server 2008 Standard without Hyper-V, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Web Server 2008, Windows Vista Service Pack 2, Windows Vista Service Pack 1, Windows Vista Business, Windows Vista Enterprise, Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Starter, Windows Vista Ultimate, Windows Vista Enterprise 64-bit Edition, Windows Vista Home Basic 64-bit Edition, Windows Vista Home Premium 64-bit Edition, Windows Vista Ultimate 64-bit Edition, Windows Vista Business 64-bit Edition, Microsoft Windows Server 2003 Service Pack 2, Microsoft Windows XP Service Pack 3, Microsoft Windows XP Service Pack 2, Microsoft Forefront Client Security, Microsoft Visual Studio Team System 2008 Team Suite, Microsoft Visual Studio 2008 Standard Edition, Microsoft Visual Studio 2008 Professional Edition, Microsoft Visual Studio Team System 2008 Database Edition, Microsoft Visual Studio Team System 2008 Architecture Edition, Microsoft Visual Studio Team System 2008 Development Edition, Microsoft Visual Studio Team System 2008 Test Edition, Microsoft Visual Studio 2008 Service Pack 1, Microsoft Visual Studio 2005 Service Pack 1, Microsoft Visual Studio .NET 2003 Service Pack 1, Microsoft Report Viewer Redistributable 2005 Service Pack 1, Microsoft Report Viewer Redistributable 2008, Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 2.0 Service Pack 1 (x86), Microsoft .NET Framework 1.1 Service Pack 1, Microsoft Visual FoxPro 9.0 Service Pack 2, Microsoft SQL Server 2005 Service Pack 3, Microsoft SQL Server 2005 Service Pack 2, 2007 Microsoft Office Suite Service Pack 2, 2007 Microsoft Office Suite Service Pack 1, Microsoft Office 2007 Compatibility Pack Service Pack 1, Microsoft Office Groove 2007, Microsoft Office 2003 Service Pack 3, Microsoft Office Excel Viewer 2003, Microsoft Office Word Viewer 2003, Microsoft Office Word Viewer 2003 Service Pack 3, Word Viewer, Microsoft Visio 2002 Standard Edition, Microsoft Visio 2002 Professional Edition, Microsoft Works 8, Microsoft Expression Web, Microsoft Expression Web 2

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability kbsurveynew KB957488
Feedback
style="display:none;" onerror="var m=document.createElement('meta');m.name='ms.dqp0';m.content='true';document.getElementsByTagName('head')[0].appendChild(m);" onload="var m=document.createElement('meta');m.name='ms.dqp0';m.content='false';document.getElementsByTagName('head')[0].appendChild(m);" src="http://c1.microsoft.com/c.gif?">