Wednesday, January 10, 2007

Déjà vu: vgx.dll, another nasty zero-day IE exploit in the wild...

It feels like déjà vu

Just less that 4 months ago, there was as zero-day IE vulnerability related its rendering engine (
Microsoft Vector Graphics Rendering Library Buffer Overflow)
now they just released a patch for IE 5.x, 6.x, 7.x to fix another VML vulnerability that they admit it is being actively exploited (Microsoft Windows Vector Markup Language Buffer Overflow)

no need to explain how dangerous these kind of remote execution exploits...
with the help of google (and other search engines) that provides malicious results allowing drive by install by simply going to malicious sites, 2007 is going to be another year of fruitious stealth rootkit installation...

thank you M$ for helping security vendors.

Use firefox!

Ignorance is a crime.


PS: Unregistering VGX.DLL workaround helps for both situation:
1.Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.

2.A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

For a large enterprise, this guy from M$ has provided a cool solution:
Block VML Zero-Day Vuln on a domain

Labels:

0 Comments:

Post a Comment

<< Home