Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. MS13-054: Description of the security update for Windows GDI+: July 9, 2013

MS13-054: Description of the security update for Windows GDI+: July 9, 2013

Introduction

This update resolves a vulnerability that could allow remote code execution on a client system if a user opens a specially crafted document or visits a specially crafted webpage that embeds TrueType font files.

↑ Back to the top

Summary

Microsoft has released security bulletin MS13-054. To view the complete security bulletin, go to one of the following Microsoft websites:

↑ Back to the top

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

↑ Back to the top

More information about this security update

↑ Back to the top

Restart information

You must restart the computer after you install this security update.

↑ Back to the top

Removal information

Note We do not recommend that you remove any security update.
For Windows XP, Windows XP Professional x64 Edition, and Windows Server 2003
To remove this security update, use the Add or Remove Programs item in Control Panel.

Additionally, you can use the Spuninst.exe utility that is located in the %Windir%\$NTUninstallKB2834886$\Spuninst folder.

↑ Back to the top

For Windows Vista or Windows Server 2008 and later versions
To remove an update installed by Windows Update Stand-alone Installer (Wusa.exe), use the /Uninstall setup switch or click Control Panel, click System and Security, and then under Windows Update, click View installed updates. Then, select from the list of updates.

↑ Back to the top

Security update replacement information

This security update replaces MS12-034: Description of the security update for Windows GDI+: May 8, 2012 .

↑ Back to the top

File information
The English (United States) version of this hotfix installs files that have the attributes that are listed in the following tables. The dates and the times for these files are listed in Coordinated Universal Time (UTC). The dates and the times for these files on your local computer are displayed in your local time together with your current daylight saving time (DST) bias. Additionally, the dates and the times may change when you perform certain operations on the files.

↑ Back to the top

Windows XP and Windows Server 2003 file information notes
  • In addition to the files that are listed in these tables, this hotfix also installs an associated security catalog file (KBnumber.cat) that is signed with a Microsoft digital signature.

For all supported x86-based versions of Windows XP
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Gdiplus.dll5.2.6002.230841,748,99210-Apr-201310:45x86NoneNot Applicable
Gdiplus.manNot Applicable39810-Apr-201310:46Not ApplicableNoneNot Applicable
Gdiplus.manNot Applicable60810-Apr-201310:46Not ApplicableNoneNot Applicable
Gdiplus.dll5.2.6002.230841,748,99210-Apr-201310:45x86SP3SP3QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable39810-Apr-201310:46Not ApplicableSP3SP3QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable60810-Apr-201310:46Not ApplicableSP3SP3QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS
For all supported x86-based versions of Windows Server 2003
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Gdiplus.dll5.2.6002.230841,748,99213-Apr-201302:51x86SP2SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable39813-Apr-201302:52Not ApplicableSP2SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable60805-Apr-201310:03Not ApplicableSP2SP2QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS
For all supported x64-based versions of Windows Server 2003 and of Windows XP Professional x64 Edition
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Gdiplus.dll5.2.6002.230842,193,40813-Apr-201315:35x64SP2SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable40013-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable61213-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS
Gdiplus.dll5.2.6002.230841,748,99213-Apr-201315:35x86SP2SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable39813-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable60813-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\X86\10\POLICY\MSFT\WINDOWS\GDIPLUS
For all supported IA-64-based versions of Windows Server 2003
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Gdiplus.dll5.2.6002.230844,912,12813-Apr-201315:35IA-64SP2SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable39913-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable61013-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\10\POLICY\MSFT\WINDOWS\GDIPLUS
Gdiplus.dll5.2.6002.230841,748,99213-Apr-201315:35x86SP2SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable39813-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\X86\10\MSFT\WINDOWS\GDIPLUS
Gdiplus.manNot Applicable60813-Apr-201315:35Not ApplicableSP2SP2QFE\ASMS\X86\10\POLICY\MSFT\WINDOWS\GDIPLUS
Windows Vista and Windows Server 2008 file information notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table.

    VersionProductMilestoneService branch
    6.0.6002.18xxxWindows Vista SP2 and Windows Server 2008 SP2SP2GDR
    6.0.6002.23xxxWindows Vista SP2 and Windows Server 2008 SP2SP2LDR
  • Service Pack 1 is integrated into the original release version of Windows Server 2008. Therefore, RTM milestone files apply only to Windows Vista. RTM milestone files have a 6.0.0000.xxxxxx version number.
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.
  • The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.

For all supported x86-based versions of Windows Vista and of Windows Server 2008
File nameFile versionFile sizeDateTimePlatform
Gdiplus.dll5.2.6002.188131,748,99203-Apr-201303:56x86
Gdiplus.dll5.2.6002.230841,748,99203-Apr-201302:27x86
Gdiplus.dll6.0.6002.188131,838,59203-Apr-201303:56x86
Gdiplus.dll6.0.6002.230841,838,59203-Apr-201302:27x86
For all supported x64-based versions of Windows Vista and of Windows Server 2008
File nameFile versionFile sizeDateTimePlatform
Gdiplus.dll5.2.6002.188132,192,89603-Apr-201304:15x64
Gdiplus.dll5.2.6002.230842,193,40803-Apr-201303:40x64
Gdiplus.dll6.0.6002.188132,424,32003-Apr-201304:15x64
Gdiplus.dll6.0.6002.230842,424,32003-Apr-201303:40x64
Gdiplus.dll5.2.6002.188131,748,99203-Apr-201303:56x86
Gdiplus.dll5.2.6002.230841,748,99203-Apr-201302:27x86
Gdiplus.dll6.0.6002.188131,838,59203-Apr-201303:56x86
Gdiplus.dll6.0.6002.230841,838,59203-Apr-201302:27x86
For all supported IA-64-based versions of Windows Server 2008
File nameFile versionFile sizeDateTimePlatform
Gdiplus.dll5.2.6002.188134,911,10403-Apr-201303:32IA-64
Gdiplus.dll5.2.6002.230844,912,12803-Apr-201302:19IA-64
Gdiplus.dll6.0.6002.188135,266,94403-Apr-201303:32IA-64
Gdiplus.dll6.0.6002.230845,266,94403-Apr-201302:19IA-64
Gdiplus.dll5.2.6002.188131,748,99203-Apr-201303:56x86
Gdiplus.dll5.2.6002.230841,748,99203-Apr-201302:27x86
Gdiplus.dll6.0.6002.188131,838,59203-Apr-201303:56x86
Gdiplus.dll6.0.6002.230841,838,59203-Apr-201302:27x86
Windows 7 and Windows Server 2008 R2 file information notes
  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:

    VersionProductMilestoneService branch
    6.1.7601.18xxxWindows 7 and Windows Server 2008 R2 SP1GDR
    6.1.7601.22xxxWindows 7 and Windows Server 2008 R2SP1LDR

  • The security catalog files, for which the attributes are not listed, are signed with a Microsoft digital signature.

For all supported x86-based versions of Windows 7
File nameFile versionFile sizeDateTimePlatform
Gdiplus.dll5.2.7601.181201,723,39203-Apr-201304:50x86
Gdiplus.dll5.2.7601.222901,723,39203-Apr-201304:25x86
Gdiplus.dll6.1.7601.181201,625,08803-Apr-201304:50x86
Gdiplus.dll6.1.7601.222901,626,11203-Apr-201304:25x86
For all supported x64-based versions of Windows 7 and of Windows Server 2008 R2
File nameFile versionFile sizeDateTimePlatform
Gdiplus.dll5.2.7601.181202,293,24803-Apr-201305:46x64
Gdiplus.dll5.2.7601.222902,293,24803-Apr-201305:16x64
Gdiplus.dll6.1.7601.181202,165,76003-Apr-201305:46x64
Gdiplus.dll6.1.7601.222902,166,27203-Apr-201305:16x64
Gdiplus.dll5.2.7601.181201,723,39203-Apr-201304:50x86
Gdiplus.dll5.2.7601.222901,723,39203-Apr-201304:25x86
Gdiplus.dll6.1.7601.181201,625,08803-Apr-201304:50x86
Gdiplus.dll6.1.7601.222901,626,11203-Apr-201304:25x86
For all supported IA-64-based versions of Windows Server 2008 R2
File nameFile versionFile sizeDateTimePlatform
Gdiplus.dll5.2.7601.181204,923,39203-Apr-201304:30IA-64
Gdiplus.dll5.2.7601.222904,923,39203-Apr-201304:23IA-64
Gdiplus.dll6.1.7601.181204,602,36803-Apr-201304:30IA-64
Gdiplus.dll6.1.7601.222904,603,90403-Apr-201304:23IA-64
Gdiplus.dll5.2.7601.181201,723,39203-Apr-201304:50x86
Gdiplus.dll5.2.7601.222901,723,39203-Apr-201304:25x86
Gdiplus.dll6.1.7601.181201,625,08803-Apr-201304:50x86
Gdiplus.dll6.1.7601.222901,626,11203-Apr-201304:25x86

↑ Back to the top


Applies to

This article applies to the following:
  • Windows 7 Service Pack 1
  • Windows Server 2008 R2 Service Pack 1
  • Windows Vista Service Pack 2
  • Windows Server 2008 Service Pack 2
  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2 

↑ Back to the top

Keywords: kbsecurity, kbsecreview, kbsecbulletin, kbmustloc, kblangall, kbfix, kbexpertiseinter, kbbug, atdownload, kb, kbsecvulnerability

↑ Back to the top

Article Info
Article ID : 2834886
Revision : 3
Created on : 4/13/2020
Published on : 4/13/2020
Exists online : False
Views : 159