• Downloads
  • Tutorials
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Tutorials
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Free Malware Removal Tools
Home › Exploits & Vulnerabilities › Tips › Tutorials - HowTo › How to block VML exploit

How to block VML exploit

Patrik (Myantispyware admin) September 20, 2006     No Comment    

Some days ago has been found new Zero day exploit. The exploit uses a bug in VML in Internet Explorer to overflow a buffer and inject shellcode. It is currently on and off again at a number of sites.

Secunia reported:

The vulnerability is caused due to a boundary error in the Microsoft Vector Graphics Rendering(VML) library (vgx.dll) when processing certain content in Vector Markup Language (VML) documents. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a malicious VML document containing an overly long “fill” method inside a “rect” tag with the Internet Explorer browser.

Successful exploitation allows execution of arbitrary code with the privileges of the application using the vulnerable functionality in the library.

For block the VML Exploit, try next:

1. Click Start, click Run, type “regsvr32 -u “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll ” (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered. To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with “regsvr32 “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll” (without the quotation marks).

Thanks to SunbeltBlog.

Exploits & Vulnerabilities Tips Tutorials - HowTo

Author: Patrik (Myantispyware admin)

Leave a Reply Cancel reply




New Guides

Like2news.com
How to remove Like2news.com pop-ups [Chrome, Firefox, IE, Edge]
Zemana AntiMalware scan
How to remove Mega Media Start [Chrome, Firefox, IE, Edge]
TrojanDownloader:JS/Fakepack
How to remove TrojanDownloader:JS/Fakepack [Virus removal guide]
PDF Converter Hub
How to remove PDF Converter Hub [Chrome, Firefox, IE, Edge]
Search.hpdfconverterhub.com
How to remove Search.hpdfconverterhub.com [Chrome, Firefox, IE, Edge]

Follow US

NEED A HELP ?

If you’re seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Search

Useful Guides

How to reset Google Chrome settings to default
Best free malware removal tools
Best Free Malware Removal Tools 2019
How to reset Mozilla Firefox (Updated Apr. 2018)
ads by adware
How to remove Adware from Windows 10 (Virus removal guide)
installed by enterprise policy
How to remove Chrome extensions installed by enterprise policy

Recent Posts

Found new Internet Explorer Vulnerability
Worm uses MS04-007, MS05-017, MS05-039, MS06-040 bugs
How to remove DriveCleaner (Uninstall instructions)
Java extremely important update
Don’t be a victim or how to make better choices
Copyright © 2004 - 2019 My AntiSpyware - Free antispyware programs and Spyware Removal Instructions.