Microsoft Security Bulletin MS07-004 - Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969)
This critical vulnerability’s exploit details are public and being exploited in ongoing attacks. The vulnerability would allow an attacker who creates a malformed web page or email with VML content to take control of the computer of a user who reads the email or views web page. VML is an XML based graphics format. You can recognize VML content because of the v: tag prefix in html pages. See http://msdn.microsoft.com/library/default.asp?url=/workshop/author/vml/default.asp for more information on VML. I recommend installing it on all workstations and end-user accessible Terminal Servers as soon as possible or implementing on of the workarounds below
- ACL modification of vgx.dll
- unregistering vgx.dll
- block VML content at web and email gateways
For more information on these workarounds see the bulletin.
If you implement the ACL modification workaround and later decide to deploy the patch, you should back-out that ACL modification before installing the patch or installation may fail.
Get this valuable commentary each month as soon as Microsoft releases security updates!
Free log parser scripts, a clear explanation of Microsoft's
latest security bulletin, helpful security tips, how-to's and more.
|
