We Protect Your World!

 

09/26/06 - Microsoft has released an official patch after discovery of the VML zero-day exploit. Please update your computer.

09/20/06 - There is a new zero-day exploit in the wild. The Vector Markup Language (VML) exploit allows remote code execution, meaning an attacker could gain complete control over an infected computer.

Call us at 336.580.1787 to schedule an appointment.

 

 

 

 

 

 

Utopia's Edge Consulting, LLC

Security Warning

Initially Published - September 20, 2006

Updated September 22, 26 2006

For Immediate Distribution

Utopia's Edge Consulting, LLC is monitoring a new exploit in how Microsoft Internet Explorer handles Vector Markup Language (VML). This exploit could allow a remote attacker to remotely execute code on your computer(s) merely by viewing a maliciously coded web page. Exploits that are triggered by visiting maliciously coded web pages or files, including webformatted emails are very dangerous, as we have seen already this year with the Windows Metafile (WMF) exploits.

UPDATED: According to the Internet Storm Center, E-Cards are currently being utilized as an infection vector. Please do not open an ecard from someone you do not know.

On September 20, most antivirus products did not detect this exploit. UPDATED: On September 22, the Internet Storm Center has raised their alert level to yellow due to the increasing numbers of existing and new exploits in the wild. Also, most antivirus products that are able to detect exploits in the wild only detect the payload, not the exploit.

UPDATED: Microsoft has released a patch outside of their normal patch cycle. According to Microsoft, a patch will be released on October 10, 2006. Please protect your computer(s) by taking the following steps:

How to protect your Windows PC: UPDATED:

Download and install the official Windows Patch

Start > Run > Type the following command:

regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

This will re-register VML on your computer after you install the official Microsoft patch.

We strive to make the Triad computing environment a safer place.  Please contact Eli Abrams at eli@utopiasedge.com or 336.580.1787 with questions or comments about this security warning. This page will be updated as information becomes available. 


 

 

 
Utopia's Edge Consulting is available daily from 9am to 9p to help detect, remove & prevent viruses and spyware and protect your technology investments. For more information or to schedule an appointment call 336.580.1787.
  
 
© 2004 - 2006 Utopias Edge Consulting, LLC.
All Rights Reserved