Microsoft releases official VML patch!!



The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that’s been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered the affected DLL you should consider re-registering the same so that you’ll be able to view/access vml content in the future. Here’s Microsoft’s technet Security Bulletin on the matter. (Visit update.microsoft.com if it’s not automatically downloaded for you.) It should be noted that the RC of IE 7 was not affected by this vulnerability.


A few days ago, I speculated that the way to get this patched by 9/25/06 was if it were discovered that the vulnerability were being used to strip DRM from Microsoft’s Windows Media audio/video files…. I’m glad to see that they did it early without their DRM future at stake….

Also, I should mention if you’ve installed the unofficial patch, uninstall that at this time as well. Brian Krebs at the Security Fix also has coverage on this.

Good job Microsoft, thanks for going “out of cycle” to get this update out there.

Related Posts

Blog Traffic Exchange Related Posts
  • Adobe Acrobat reader update On the heels of yesterdays massive update day from Microsoft, Adobe has released an update for the free Adobe Reader. The Adobe reader is one of those ALMOST essential applications that MOST everyone has installed. So, this will be of particular interest to MOST computer users. A SERIOUS security flaw......
  • Updating Windows XP SP2 serial number Intelliadmin published this earlier today... with all the problems some people have had with the Genuine advantage notification that their copy of Windows may not be legitimate (many reasons for this...) it may be necessary to buy a new copy of Windows and it would be a nuisance to have......
  • MS06-040 update MS06-040 is one of last weeks Windows updates and is the one that was probably the biggest target for "wormable" activity. There's a good deal of news from over the weekend with regards to this. First: Snort signatures, the MS06-040 exploit was spotted actively "in the wild", and of course,......
Blog Traffic Exchange Related Websites
  • Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution Vulnerability in Windows Shell Could Allow Remote Code Execution Published: July 16, 2010 Version: 1.0 General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as......
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
  • How to Replace a Window Replacing your windows can bring numerous benefits to your home. Not only will they look nicer and add value to your property, but you can also gain significant energy savings. Most new windows are now heat and cold efficient and will greatly reduce the amount of drafts coming in as......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site