MS07-055: Vulnerability in Kodak Image Viewer could allow remote code execution

Microsoft has released security bulletin MS07-055. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:

• Home users:
  http://www.microsoft.com/protect/computer/updates/bulletins/200710.mspx
• IT professionals:
  http://www.microsoft.com/technet/security/bulletin/MS07-055.mspx

Note The Kodak Image Viewer is natively installed only in Windows 2000. It is not natively installed in Windows XP or in Windows Server 2003. However, if you upgraded Windows 2000 to Windows XP or to Windows Server 2003, the Kodak Image Viewer may be installed.

To work around this problem, uninstall the Kodak Image Viewer.

Note The Kodak Image Viewer may not be listed when you open Add/Remove Windows Components from the Add or Remove Programs item in Control Panel. To uninstall the Kodak Image Viewer, you may have to edit an .inf file so that you can see the imaging component in Add or Remove Programs. To do this, follow these steps:

1. Use any text editor, such as Notepad, to open the following file:
   %Systemroot%\Inf\Sysoc.inf
2. Find the following text in the Sysoc.inf file:
   imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,hide,7
3. Remove the word "hide" from the text. For example, the edited line from step 2 appears as follows:
   imagevue=ockodak.dll,ImagingOcEntry,imagevue.inf,,7
4. Save the Sysoc.inf file.
5. In Control Panel, double-click Add or Remove Programs, and then click Add/Remove Windows Components.
6. Click to clear the check box for the Imaging component, and then click Next. Follow the remaining steps to uninstall the component.

To verify that the Kodak Image Viewer files are removed, locate the following files. If you find these files, delete them: