Microsoft releases official VML patch!!



The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that’s been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered the affected DLL you should consider re-registering the same so that you’ll be able to view/access vml content in the future. Here’s Microsoft’s technet Security Bulletin on the matter. (Visit update.microsoft.com if it’s not automatically downloaded for you.) It should be noted that the RC of IE 7 was not affected by this vulnerability.


A few days ago, I speculated that the way to get this patched by 9/25/06 was if it were discovered that the vulnerability were being used to strip DRM from Microsoft’s Windows Media audio/video files…. I’m glad to see that they did it early without their DRM future at stake….

Also, I should mention if you’ve installed the unofficial patch, uninstall that at this time as well. Brian Krebs at the Security Fix also has coverage on this.

Good job Microsoft, thanks for going “out of cycle” to get this update out there.

Related Posts

Blog Traffic Exchange Related Posts
  • MS06-040 update MS06-040 is one of last weeks Windows updates and is the one that was probably the biggest target for "wormable" activity. There's a good deal of news from over the weekend with regards to this. First: Snort signatures, the MS06-040 exploit was spotted actively "in the wild", and of course,......
  • Another problem with one of the Microsoft Patches... Last month, April, the Microsoft patch cycle had one problem patch that broke certain explorer extensions (most notable some HP software...) This time around it looks like the Flash patch that they distributed has given a few people fits. For starters, yes it's odd for Microsoft to distribute a patch......
  • Powerpoint zero day This has been a rough quarter for Office vulnerabilities... there seems to be a pattern, Microsoft patch day, then.... zero-day exploit within a week for an Office component. First Word, then Excel and now this month our vulnerable app is Powerpoint. The Security Fix has some coverage and notes the......
Blog Traffic Exchange Related Websites
  • What is Patch Tuesday? Excellent explanation of Patch Tuesday by TMI Engineering Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. Starting with Windows 98, Microsoft included a "Windows Update" system, that would check for patches to Windows and its components which Microsoft would release intermittently. With......
  • Review of Windows Live Writer When you find a tool that makes life easier, there is nothing more exciting. The need for corporations to simplify and systematize their processes has to do with working smart and taking advantage of things that allow workers to reach their goals without having to work quite as hard. One......
  • How to Replace a Window Replacing your windows can bring numerous benefits to your home. Not only will they look nicer and add value to your property, but you can also gain significant energy savings. Most new windows are now heat and cold efficient and will greatly reduce the amount of drafts coming in as......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site