As expected, this is now active and in the wild - and it seems
rather nasty too. It's making an appearance via a spam email directing you to a website for 'more information'.
As for the slashdot story, good tool maybe - but what an awful 'open letter'! Including an irrelevant story about your childhood that comprises half the letter seems guaranteed to make Microsoft ignore it...
edit: actually, it is a very useful tool. Despite doing everything that Microsoft said,
Scanning Drive C:...
<snip>
C:\Program Files\Mindjet\MindManager 5\sys\shell\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Mindjet\MindManager 5\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Mindjet\MindManager 5 Viewer\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
<snip>
Scan Complete.
Now it's much less likely that i'll open a vulnerable jpeg with MindManager than with Internet Explorer, but, still, it's nice to be watertight when possible.
Oh b*gger, there's more on another computer. Anybody have any idea what these two are?
C:\I386\ASMS\1000\MSFT\WINDOWS\GDIPLUS\GDIPLUS.DLL
Version: 5.1.3097.0 <-- Vulnerable version
C:\I386\SXS.DLL
Version: 5.1.2600.1106 <-- Vulnerable version