• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Exploits & Vulnerabilities › Tips › Tutorials - HowTo › How to block VML exploit

How to block VML exploit

Myantispyware team September 20, 2006     No Comment    

Some days ago has been found new Zero day exploit. The exploit uses a bug in VML in Internet Explorer to overflow a buffer and inject shellcode. It is currently on and off again at a number of sites.

Secunia reported:

The vulnerability is caused due to a boundary error in the Microsoft Vector Graphics Rendering(VML) library (vgx.dll) when processing certain content in Vector Markup Language (VML) documents. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a malicious VML document containing an overly long “fill” method inside a “rect” tag with the Internet Explorer browser.

Successful exploitation allows execution of arbitrary code with the privileges of the application using the vulnerable functionality in the library.

For block the VML Exploit, try next:

1. Click Start, click Run, type “regsvr32 -u “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll ” (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered. To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with “regsvr32 “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll” (without the quotation marks).

Thanks to SunbeltBlog.

Exploits & Vulnerabilities Tips Tutorials - HowTo

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

Newsonline.cc
How to remove Newsonline.cc pop-ups (Virus removal guide)
unwanted ads
How to remove WebSearchUpgrade app/extension from Mac (Virus removal guide)
Img Downloadit
How to uninstall Img Downloadit from Chrome, Firefox, IE, Edge
¡Saludos Tengo malas noticias para usted SCAM
¡Saludos! Tengo malas noticias para usted EMAIL SCAM
Reverce Captcha
How to remove Reverce Captcha Virus (Removal guide)

Follow Us

Search

Useful Guides

remove chrome extension
How to remove Chrome extensions installed by enterprise policy
Tech Support Scam
Remove Tech Support Scam pop-up virus [Microsoft & Apple Scam]
How to remove pop-up ads [Chrome, Firefox, IE, Opera, Edge]
This setting is enforced by your administrator (Removal guide)
Malwarebytes won’t install, run or update – How to fix it

Recent Posts

Found new Internet Explorer Vulnerability
Worm uses MS04-007, MS05-017, MS05-039, MS06-040 bugs
How to remove DriveCleaner (Uninstall instructions)
Java extremely important update
Don’t be a victim or how to make better choices

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2020 My AntiSpyware - Free antispyware programs and Spyware Removal Instructions.