MS Security Bulletin MS04-28 from September, describing critical
vulnerabilities in Microsoft GDI+ libraries, was re-issued:
"In addition, Microsoft is releasing new updates for Microsoft Visual
FoxPro 8.0 and standalone updates for Microsoft .NET Framework in
regards to MS04-028."


Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
http://www.microsoft.com/technet/sec.../MS04-028.mspx

Visual FoxPro 8.0 GDI+ Design-Time Update
http://www.microsoft.com/downloads/d...displaylang=en

Visual FoxPro 8.0 GDI+ Runtime Library Update
http://www.microsoft.com/downloads/d...displaylang=en

Thanks.

I wonder why this doesn't show up in the FoxPro Updates page:
http://msdn.microsoft.com/vfoxpro/do...s/default.aspx



"Stefan Wuebbe" <stefan.wuebbe (AT) gmx (DOT) de> wrote

I read those web pages, and I don't completely understand the update.

If I install the design-time update, recompile the application, then replace
the exe on the user's machine, will that be sufficient?

Or must one either run the runtime update on the user's machine, or
uninstall the old application and reinstall the recompiled one?

Or does it depend on which operating system the user has?




"Stefan Wuebbe" <stefan.wuebbe (AT) gmx (DOT) de> wrote

"Paul Pedersen" <no-reply (AT) swen (DOT) com> schrieb
Hi Paul, Most details are somewhat hidden in the main article
<http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx>
-> scroll down to "General Information" -> expand "Security Update Information"
-> then expand "Microsoft Visual FoxPro 8.0"
-> and also "Microsoft Visual FoxPro 8.0 Runtime Library"


-Stefan