Microsoft Internet Explorer patches for unsupported OS versions (Windows 98 and ME)

Sunday, October 1st, 2006

For starters, if you’re using Windows 98 or ME still in a production system, you REALLY need to be looking at migration options and you should realize that the architecture of those systems is NOT conducive to a good secure platform. No XP isn’t perfect, but it is an improvement in many areas. That much [...]

Microsoft releases official VML patch!!

Tuesday, September 26th, 2006

The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that’s been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered the affected DLL you should [...]

Update on the Internet Explorer VML vulnerability

Friday, September 22nd, 2006

Just catching up on the days VML vulnerability news from today…. It looks as though… the exploit is now MUCH more widespread this blog has some video of an infection, what’s notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that they can harvest paypal/bank/etc. passwords…) [...]

How Microsoft could patch VML vulnerability before October’s patch day

Thursday, September 21st, 2006

SO, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”) So, what would trigger that need? Lot’s of browsers being subjected to unwanted drive-by downloads? I suppose [...]

Internet Explorer 0-day (take 2 of the last few days…)

Wednesday, September 20th, 2006

The last zero day (activeX) seems to be less interesting than this NEW zero-day that really made a news splash in the last day. It looks as though this NEW 0-day affects VML… has good coverage here. Microsoft has an advisory up and they expect to release a patch on the next scheduled patch [...]


Switch to our mobile site