New IE Exploit
Websites that take advantage of a flaw in the dll that draws VML (Vector Markup Language) mostly seem to include pr0n and serialz (pirate software) sites. However, a Russian company is selling a Web Attack kit for about $15, (that includes technical support!) for installing this and other IE exploits. It won't be long before other sites follow suit; the free clip-art, screensavers, downloads, and fake search engine pages we get all the time. There is money to be made in turning over compromised machine to those who have a need for them.
If you use Firefox, no worries. Well...sooner or later you will open IE; in Outlook, Windows Explorer, or an applications help link. IE is unavoidable unless you simply don't use windows at all.
The easiest fix is to unregister the vml dll (vgx.dll). Go to your start -> run command window and type:
Visit this test page to see if it worked:
Zeroday Emergency Response Team
Read more about it:
Securiteam's description
F-Secure Description
If you use Firefox, no worries. Well...sooner or later you will open IE; in Outlook, Windows Explorer, or an applications help link. IE is unavoidable unless you simply don't use windows at all.
The easiest fix is to unregister the vml dll (vgx.dll). Go to your start -> run command window and type:
regsvr32 /u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll
Visit this test page to see if it worked:
Zeroday Emergency Response Team
Read more about it:
Securiteam's description
F-Secure Description
