MS07-017: Vulnerability in GDI could allow remote code execution
This is the fix for the ANI exploit as well as other GDI related vulnerabilities.
It is very important to check for known issues before installing security fixes - a known issue affecting the MS07-017 may hit a lot of people, and if they do not read the documentation before allowing the fix to install via Automatic/Windows/Microsoft Update then they could be in for a shock.
"After you install this security update on a Windows XP Service Pack 2 (SP2)-based computer, Realtek HD Audio Control Panel (Rthdcpl.exe) may not start. Additionally, you receive an error message that is similar to the following:
Rthdcpl.exe - Illegal System DLL Relocation
The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.
For more information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:
935448 (http://support.microsoft.com/kb/935448/) The Realtek HD Audio Control Panel may not start, and you receive an error message when you start the computer: "Illegal System DLL Relocation."
If you experience this error after installing the ANI patch, please download and install the fix, available here:
http://support.microsoft.com/kb/935448/