[Web4lib] New Microsoft Vulnerability
Avrum Shepard
ashepard at well.com
Sat Sep 23 00:59:47 EDT 2006
The link below will take you to a web site that
describes the IE vulnerability and has links to a
workaround that you can install till Microsoft
provides a fix around Oct 10. It looks like my
neighbor was hit by this bit of malicious code
yesterday. Don't forget to undo the workaround
when Microsoft releases the permanent fix.
Avrum
----------
<http://www.microsoft.com/technet/security/advisory/925568.mspx>Microsoft's
VML Security Advisory "Vulnerability in Vector
Markup Language Could Allow Remote Code
Execution." This advisory provides a general
overview of the problem and, fortunately, also
provides a robust interim work-around to disable
Windows' and IE's VML parsing. This can and
should be used until Microsoft has repaired the
buffer overrun in the VGX.DLL VML parser that is
being actively exploited on the Internet.
http://www.grc.com/sn/notes-058.htm
-------------- next part --------------
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.12.8/455 - Release Date: 9/22/2006
More information about the Web4lib
mailing list