Photo Repair Software
Restore Your Favorite Photo

Jpeg Repair

SoftOrbits Jpeg Repair 1.7.6 full screenshot

I have seen many users complaining abouthow to fix the GDI+ JPEG Vulnerability, so I thought that it will be better if I can provide a detailed tutorial inorder to get rid of the same. Actually, this is a GDI Scan Tutorial, that can be used for eradicating the above mentioned problem.

For the people who d not know what this issue is, I would like to explain to them about the same in short.

What does GDI+ JPEG Vulnerability mean??

  • An "Application Programming Interface" that helps various applications to work with graphics as well as formatted text, that is used for interactive display is called as GDI+. This is a varied technology that is used on a large scale for different purposes.
  • gdiplus.dll is a DLL that is used for the working of the above mentioned technology. A problem was discovered in this particular DLL and it was named as the GDI+ JPEG Vulnerability.
  • A wrong code was generated by this DLL while the images were processed and this ultimately led to the vulnerability.
  • A very disastrous situation that can occur because of this vulnerability is that another person who is aware how this code works can take over your system. For this, they will use a specially designed image of the extension JPEG and then, work out with the code.
  • The image that has this particular vulnerability can be used for this same purpose of taking control over the computer. It can only happen when you try to view this JPEG image.
  • So, this vulnerability can go to the extent of threatening the security of the system. It can grant another person who is controlling the image or its code directly complete rights of the system, that is Administrator Rights.

Well, inorder to get rid of this problematic situation, an update has been released by Microsoft. This update has to be patched with whatever Windows operating system that anyone having the vulnerability is using. 2 of the updates are released, that includes the following:

  1. Windows Update
  2. Office Update

The official site of Microsoft provides the above mentioned updates. Only after applying both these updates, the technique that I am providing can help you. So, make sure that you are having these updates patched with your system. Re: How to fix the GDI+ JPEG Vulnerability You need to go about a particular scan to fix the GDI+ JPEG Vulnerability. This scan is called as GDI Scan.

GDI Scan:

If the applications that are released by Microsoft is the reason for such a vulnerability, then it can be resolved with the help of the updates that I have mentioned above. But, imagine an application that is not related to Microsoft becoming a reason for this vulnerability. Well, after knowing the problems that this vulnerability can cause, hackers can use the same for getting access to any systems by creating their own third party applications, that can cause this vulnerability.

The scan tool that is released by Microsoft can only be used for performing a GDI Scan for the Microsoft applications that are a reason for this problem. So, it is not possible for this tool for detecting any third party application, that I have mentioned above.

For this purpose, a GDI Scan has been released for detecting the vulnerability that can be caused by any of the applications, may it be Microsoft or any third party ones. With the help of this, you canfind out the applications that are vulnerable and after that upgrade the same. When the upgradation is done, the vulnerability will be removed by itself.

The DLLs that are given below can be the reason for the GDI+ JPEG Vulnerability:

  1. gdiplus.dll
  2. sxs.dll
  3. wsxs.dll
  4. mso.dll

Among these, the gdiplus.dll can be affected on a very large scale. If any of the above DLLs are affected, then the scan log will show them in red color. Also, the worst problem is that these DLLs cannot be found at only one place in your system. Thus, it is very difficult to find them manually.

The scan and search will take place in the following manner:

  1. First of all, it checks for all these DLLs in the directory where this particular vulnerable program is installed.
  2. After that, it will check for directory from where it was run from.
  3. Then, the directory of the system will be scanned.
  4. Now, the vulnerabilities in the System32 directory will be checked for.
  5. The operating system will be started from the system directory and the same will be scanned. The directory of Windows will also be checked for
  6. At last, any of the directories that can have possible vulnerabilities will be scanned for.

Thus, the operating system can be patched with the help of this method. But, a copy of the vulnerability can still be present in some part of the system. Re: How to fix the GDI+ JPEG Vulnerability How to go about using GDI Scan??

1: First of all you need to search on the web for gdiscan.exe, that of the GUI (Graphic User Interface) version. Download the same. I have downloaded it fromisc.sans.org. Also make sure that you do the download to a place in your computer that you wont forget.

2: Next, you need to run this downloaded executable file.
When you run this file, you will will get 3 options that can be used in this "GDI Scan" window as follows:

  • The drive that you would like to scan.
  • The Scan button.
  • The Clipboard button.

3: Now, you have to select the particular drive that you want to scan. Only one drive can be selected at a time. After selecting the drive, you have to start the scan with the help of the Scan button.

4: All gdiplus.dll and all other possible DLLs, that are related, along with their copies that are present in the drive that you specified will be shown as the output of the scan result.
Remember that I have mentioned that it does not matter whether the vulnerability is caused by a Microsoft application of any third party application, all the DLLs will be shown in the result.

5: Inorder to view the scan result, you have to use the last option, that is click on the Clipboard button. It is also possible for you to copy paste your DLL scan results into a notepad, so that you can get back to it later.