Lively discussions on the graphic arts and publishing — in print or on the web

Go Back   Desktop Publishing Forum > General Discussions > General Publishing Topics

Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 09-22-2006, 01:11 AM   #1
Kelvyn's Avatar
Join Date: Feb 2005
Location: In the Heart of the English Lake District
Posts: 1,381
Default MS IE 6 remote administrative exploit warning

A remote exploit with IE6 that can allow an attacker to gain administrative access to any Windows workstation, server or desktop running any version of IE6 has been reported. There is currently no patch or hot-fix available from Microsoft to address this issue. Exploit code has been published on news groups and security web sites with ample details on how to take advantage of this exploit through nothing more than a victim “viewing” a web page – one need not even click in the web page, just simply open it and you are exploited.

See this MS report & response with an expected release of a fix on 10th October.

Symptoms of exploitation involve multiple program crashes and in the error details from the crash report windows generates, you will see the file “vgx.dll”. If you have experienced this issue in the last 7 days then it is possible you have been exploited. The only way to correct the matter is to completely reinstall windows, this should be done as soon as possible so that an attacker has no chance to modify local files or backups.

This exploit affects a component of IE6 called VML, it is not an important feature in IE in terms of general web surfing and conducting business online. It is recommended to disable VML support on PCs as soon as possible. The list of mitigating factors in the above URL will assist with identifying what system setups may be exploitable however if you don’t know what VML is or have no use for it, disable it till such time a patch is released.

Disable VML
Start > run
regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll

Enable VML
Start> run
regsvr32 "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll


Web site design, hosting and marketing, Keswick in the UK Lake District

If you are planning a visit to Keswick then try Keswick Tourist Information website

Kelvyn is offline   Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Remote Desktop for Mac? bmann General Publishing Topics 5 01-23-2013 04:42 AM
CSS validator warning dthomsen8 Web Site Building & Maintenance 4 03-19-2006 01:04 PM

All times are GMT -8. The time now is 07:00 AM.

Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Contents copyright 2004–2019 Desktop Publishing Forum and its members.