Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

IE VML vulnerability -- Problems with ZERT patch reported

While the ZERT patch probably works in most configurations, some problems have been reported, and it's best to wait for an official solution from Microsoft.

I'd recommend that users temporarily unregister the DLL, which should provide protection. The VGX.dll associated with this new risk is not widely used in applications, but testing should still be performed if this is rolled out corporately.

1. Unregister the vulnerable DLL
2. Keep AV protection updated
3. Stay away from dangerous or untrusted sites and email
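
For the corporate testing and rollout mentioned above, a PowerShell script (an added example, not from the original post or from Microsoft) that unregisters or re-registers the DLL with `regsvr32` and confirms the change by checking the COM registrations in the registry. The parameter names and the verification approach are assumptions; the post does not give the location of vgx.dll, so the path must be supplied.

```powershell
#Requires -RunAsAdministrator
# Added example: unregister (or re-register) a COM DLL and verify the result.
param(
    # Full path to vgx.dll on this host; the post does not give it, so it must be supplied.
    [Parameter(Mandatory)] [string] $DllPath,
    [ValidateSet('Unregister', 'Register')] [string] $Action = 'Unregister'
)

function Get-ComRegistrationCount([string] $Path) {
    # Count CLSID keys whose InprocServer32 default value names this DLL.
    $leaf  = [IO.Path]::GetFileName($Path)
    $count = 0
    foreach ($key in Get-ChildItem 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue) {
        try {
            $sub = $key.OpenSubKey('InprocServer32')
            if ($sub) {
                if ([string]$sub.GetValue('') -like "*\$leaf*") { $count++ }
                $sub.Close()
            }
        } catch { }   # skip keys this account cannot read
    }
    return $count
}

if (-not (Test-Path -LiteralPath $DllPath -PathType Leaf)) { throw "DLL not found: $DllPath" }

$before  = Get-ComRegistrationCount $DllPath
$regArgs = @('/s')                                  # silent: no dialog boxes during deployment
if ($Action -eq 'Unregister') { $regArgs += '/u' }
$regArgs += "`"$DllPath`""                          # quote the path in case it contains spaces
$proc  = Start-Process -FilePath regsvr32.exe -ArgumentList $regArgs -Wait -PassThru
$after = Get-ComRegistrationCount $DllPath

# Unregister must leave no registrations; Register must leave at least one.
$ok = ($proc.ExitCode -eq 0) -and $(if ($Action -eq 'Unregister') { $after -eq 0 } else { $after -gt 0 })

# One result object per host, suitable for collecting in a rollout report.
[pscustomobject]@{
    Computer = $env:COMPUTERNAME; Action = $Action; ExitCode = $proc.ExitCode
    Before = $before; After = $after; Succeeded = $ok
}
if (-not $ok) { exit 1 }   # non-zero exit lets deployment tooling flag the host
```

Running it again with `-Action Register` reverses the change once an official fix is installed.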
 
 

VML Patching
http://www.f-secure.com/weblog/archives/archive-092006.html#00000975

QUOTE: There's an unsupported third party patch for the VML vulnerability available at ZERT. We haven't tested it, so we can't recommend it. But it's good to know something is available if this VML thingy really gets out of hand (which it hasn't yet). YMMV - This patch might not work with everyone. See discussion at PC Doctor Guides.


Problems with ZERT VML patch
http://www.pcdoctor-guide.com/wordpress/?p=3463

QUOTE: I'm getting reports of problems with the ZERT VML/vgx.dll patch on some systems.  It returns the following error message: "There was an error while trying to patch the DLL!"


Possible Fix if ZERT VML patch fails
http://www.pcdoctor-guide.com/wordpress/?p=3465

QUOTE: I've been playing with the ZERT VML patch and I think I've found a workaround for anyone having problems patching the vgx.dll file - and that's to unregister the DLL, run the patch and then reregister it.  This solution seems to offer the best of both worlds.