Thread: Two Serious New Windows Problems
View Single Post
Old 09-22-06, 12:44 PM   #1
WutWuzDat
Planesman
 
Join Date: Apr 2002
Location: I can't remember... In front of a PC?
Posts: 185
Downloads: 0
Uploads: 0
Default Two Serious New Windows Problems
Quote:
* Microsoft's VML Security Advisory — "Vulnerability in Vector Markup Language Could Allow Remote Code Execution." This advisory provides a general overview of the problem and, fortunately, also provides a robust interim work-around to disable Windows' and IE's VML parsing. This can and should be used until Microsoft has repaired the buffer overrun in the VGX.DLL VML parser that is being actively exploited on the Internet.
* How to temporarily protect your system:
As detailed in Microsoft's VML security advisory (see link above), you can quickly, easily, and safely protect your system from possible VML exploitation by "unregistering" the defective DLL. The system will no longer be able to render web-based vector markup language graphics, but you won't notice any difference since few sites use VML for benign purposes.

Simply copy this command from this page (highlight the entire line then type Ctrl-C to Copy it into the clipboard), then open the "Run..." dialog by pressing your system's Start button and choosing "Run..." Press "Backspace" to remove anything that might already be in the "Open" field, then type "Ctrl-V" to paste the command into the field. Press "OK" to execute the command and you should receive a dialog confirming that the VGX.DLL file has been "unregistered" ...

regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

Please tell your family and friends and the word. Since this newly discovered Windows VML defect is being actively exploited by thousands of web sites to install malware, and since viewing malicious eMail with many versions of Outlook will also cause this to occur, EVERY Windows user is a potential victim. Please help people to protect themselves.
* How to "re-register" the VGX.DLL:
Once Microsoft has repaired this defect, which should happen no later than the second Tuesday in October (Oct. 10th) — and after you have applied those October security updates — you should re-register the repaired VGX.DLL file by repeating the steps above, but using a command without the "-u" argument, as follows:

regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

At that time, please also remind anyone you may have helped to protect themselves through un-registering the DLL to re-register it AFTER they have updated their system with the current October patches.
* Windows 2000 Compressed File Corruption
. . . or as Microsoft's official update page is titled: "Compressed files that are larger than 4 kilobytes may be corrupted when you create or update the files." A serious "regression" error was introduced into last month's (August 2006) security patches for Windows 2000 systems. This error can cause corruption of NTFS-compressed files on systems that have had security update 920958 (MS06-049) applied.

If you are using Windows 2000 (any flavor) and keeping it current with monthly security patches, you should IMMEDIATELY apply this patch to cure the error that was introduced in August's security update:

Obtain the Windows2000-KB925308-x86-ENU.EXE package now.

And, again, please inform anyone you know, who is using Windows 2000, about this critical issue.
http://www.grc.com/sn/notes-058.htm
__________________
- Adam ©1988 - 2008. All rights reserved.

Life is like a roll of toliet paper, the older you get, the faster it goes!
WutWuzDat is offline   Reply With Quote