Researchers at Sunbelt Software have discovered a new exploit in Internet Explorer that is being used to compromise systems using Internet Explorer. This flaw forms part of something called VML or vector markup language an XML Web programming language used to create scalable graphics.
On the Sunbelt Blog, Eric Sites, VP or Research and Development, shows how a fully patched system can be compromised by visiting a web page making use of the malicious code. This is being used to install nasty spyware and adware.
Microsoft has issued a workaround for latest 0-day exploit for Internet Explorer. This workaround will disable VML rendering but most users won't really notice this.
The workaround involves unregistering a DLL file called vgx.dll (to do this you need admin privileges).
Click Start, click Run, type regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll", and then click OK.
Undoing this change is simple and only requires you to re-register vgx.dll.
Click Start, click Run, type regsvr32 "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll", and then click OK.
This should be safe to do once a patch is released.
No comments:
Post a Comment