MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution -

(imported topic written by SystemAdmin)

We are having an issue with the update to “MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution - Word Viewer 2003, Excel Viewer 2003, Visio Viewer 2003” ID 805285

Last night we had approx. 9350 showing relevant and after sending the job only 200 or so were successful. We had over 5,200 failures.

We are now showing 9197 relevant but only 183 of these machines have office 2003 installed.

I manually tried to install the update on several relevant machines (that failed the original job) and received the attached error message…is it possible that the relevance is incorrect?

Thanks,

Scott

(imported comment written by kaushalw91)

You can use BES Relevance Debugger to check each relevance and results.

(imported comment written by o4463)

We’re having the same exact problem. 4,600 systems need the exact same fixlet with 4,000+ failures.

(imported comment written by Paul_Kerpa)

sdemonte, 04463,

Which MS Office products do you currently have installed on the client machines that work with this Fixlet, versus those that Fail?

Please let me know.

Thanks much.

(imported comment written by rwest23)

Although MS08-052 explicitly states that Microsoft Visio 2003 Viewer is applicable to the patch in question, as it turns out this simply is not true. Our initial testing covered Visio viewer installed along with the other viewers but not alone, and hence we did not catch this Microsoft oversight. Apologies for the mistake, and we will be publishing a new version that is only relevant for the Word and Excel viewers shortly. Please let us know if you experience any further issues with the new version.

(imported comment written by o4463)

Good to hear. We are primarily an Office 2000 organization with several hundred installs of Office 2007. We have close to 5,000 systems with Visio Viewer 2003 installed. We have only a dozen systems with Word or Excel viewers installed. Thanks for the support and clearing up the confusion.

(imported comment written by SystemAdmin)

Its fixed…thanks a bunch!!!