MS Windows Internet Explorer vector markup language buffer overflow vulnerability

Allison Henry, IST–IS

There is a vulnerability in Microsoft Internet Explorer that can be exploited by an attacker to execute arbitrary code on the target system. Systems can become exploited when browsing to web pages infected with the malicious code. These infected web pages are now becoming more widespread, and in response, SNS is advising all campus users to take measures to mitigate this threat. There is no patch available for this vulnerability yet, but the following actions can be taken to reduce the risk to your systems (for a layered approach take as many of these actions as is appropriate in your environment):

* Make sure all systems are running antivirus software with current definitions and auto-update enabled.

* Unregister the vulnerable dll: Click "Start", click "Run", type: regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll" and then click "OK" (highly recommended, but may cause problems viewing the few websites that render VML).

* Configure IE6 for Windows XP SP2 to disable Binary and Script behaviors (check Microsoft's advisory page microsoft.com/technet for details on how to do this).

* Use an alternate web browser until a patch is issued by Microsoft.

* Configure your email client to display mail as plain text rather than HTML (an HTML email containing the malicious code can also be a vector).

* Use care when browsing — do not follow untrusted links sent via email or suspicious links from other sites (but do not rely on this for protection as previously safe sites could become infected with the malicious code).

More information about this vulnerability

* microsoft.com/technet
* symantec.com/enterprise

1 Comment · 262 Reads ·

Comments

Post Comment

Ratings