It's listed in my MU History as GDI+ Tool (KB873374) However, if it is
listed in any file on my system except the printout from MU history online,
it's in a different language (computer language) and not readable as plain
text (unless there are translators for such things, I don't know.)
In any case, it is downloaded, immediately runs, then disappears itself. No
trace remains except in the History.
Note that I downloaded and ran the GDI+ Detection Tool just now, and while
it told me that I have software installed that MAY be vulnerable, it does
not identify the app and simply provides instructions to use Windows Update
and Office Update (or Microsoft Update, which includes both) to check to see
that the proper patches have been installed. In my case, the only vulnerable
item I had was Office XP, and while the MS04-028 update doesn't appear in
the History, I presume it was subsumed into a later Update. All I know is
that none of the Update sites offers the patch and it isn't listed in my WU
history.
So, I downloaded the patch suggested for Office XP SP3
http://www.microsoft.com/downloads/...14-6D34-49DF-8D63-6C17E9A2D312&displaylang=en
and ran it, first the full version, which simply prompted Office Setup, so I
clicked OK and downloaded the client version and it gave me a message that
the patch had already been installed or had been included in a later update.
It still does not appear to be listed in my system anywhere, so I presume
the latter. However I don't feel like investigating that possibility (list
all the subsequent patches and then find out what's in them.)
In case you're curious, this XP SP2 (now SP3) system was installed at the
end of January, 2007, and Office XP w/ FrontPage a month later. They were
immediately updated using Microsoft Update and kept up to date.
So, as PA Bear says, your best recourse is to simply see if Windows Update,
Office Update or Microsoft Update offer any of the MS04-028 patches. Or you
can do what I did and apply any version that applies to any app you have
that's listed in MS04-028 and see what happens.
Maybe your AV simply ran the equivalent (or the very same) GDI+ Detection
tool and got the same message I did -- you have apps or OS installed that
MAY be susceptible and you should make sure you're up to date. Windows,
Office and/or Microsoft Update will tell you if any patch is needed.