Resolution
goal
What is NetIQ's recommendation with regards to the GDIPlus.DLL vulnerability in Security Manager 5.0?
fact
Security Manager 5.00
fact
Security Manager 5.0 SP1
symptom
GDIPlus.DLL (GDI+) version 5.1.3097.0 in Security Manager 5.0
fix
note
For more information about this vulnerability and access to the security update, please visit Microsoft TechNet: http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
What is NetIQ's recommendation with regards to the GDIPlus.DLL vulnerability in Security Manager 5.0?
fact
Security Manager 5.00
fact
Security Manager 5.0 SP1
symptom
GDIPlus.DLL (GDI+) version 5.1.3097.0 in Security Manager 5.0
fix
The NetIQ Security Manager (SM) install contains a GDIPlus.DLL (GDI+) version 5.1.3097.0 in the following locations:
<installfolder>\OnePoint
<installfolder>\OnePoint\InstallService (Central computers only)
Although the SM copy of GDI+ should not cause any vulnerability in your environment, you can safely replace it with GDIPlus.DLLversion 5.1.3102.1355 as recommended by Microsoft. Future versions of SM will only contain the 5.1.3102.1355 or higher version of this DLL.
note
For more information about this vulnerability and access to the security update, please visit Microsoft TechNet: http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx
Additional Information
Formerly known as NETIQKB43136