Close

Results 1 to 11 of 11
  1. #1
    DF Member Stig's Avatar
    Join Date
    Mar 2003
    Location
    UK
    Posts
    34
    Thanks
    1
    Thanked:        2
    Karma Level
    219

    Default Internet Explorer 6/7/8/9/10/11 Vulnerability

    Microsoft have released a Security Advisory for a vulnerability in Internet Explorer that could allow Remote Code execut1on. This affects all Internet Explorer browsers from IE6 upwards:

    [Only registered and activated users can see links. ]

    Having done some research it would appear that the best way to workaround this issue (until a permanent fix is released) is the following:

    Unregister VGX.DLL
    1. Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.
    2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.


    Impact of Workaround: Applications that render VML will no longer do so once vgx.dll has been unregistered.
    When a security update is available to address this issue, you should re-register vgx.dll after installing the security update. To re-register vgx.dll follow these steps:

    1. Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.
    2. A dialog box appears to confirm that the registration process has succeeded. Click OK to close the dialog box.


    Very few websites use VML so this should have least impact:

    Vector Markup Language (VML) is an XML-based language that facilitates the use of vector graphics on the Internet, especially on Web sites. VML was proposed to the World Wide Web Consortium (W3C) as a standard for vector graphics rendering by Microsoft, Autodesk, Macromedia and Visio in 1998 but was never formally accepted. Instead, it evolved, along with another proposed standard, into Scalable Vector Graphics (SVG), which came into widespread use in 2003. Even so, Microsoft implemented VML capability into its Internet Explorer 5.0 browser.

    Both VML and SVG describe images in vector format as an application of XML. Vector graphics is the creation of digital images in terms of mathematical statements that place lines and shapes in two-dimensional or three-dimensional space. Any program such as a Web browser that recognizes XML can display this type of image using the information provided in the VML or SVG formats. VML and SVG enable the viewing of an image on a display of any screen size and resolution and allow text within the image to be recognized. This makes it possible for text to be located by a search engine and translated into multiple languages. Compared with a bitmap, a VML or SVG image may be smaller and arrive more quickly over slow Internet connections. Nevertheless, GIF, JPG and PNG images are expected to continue to predominate for use on Web sites.

  2. #2
    DF Rookie tuxpenguin's Avatar
    Join Date
    Apr 2014
    Location
    Aberdeen
    Posts
    11
    Thanks
    4
    Thanked:        5
    Karma Level
    83

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    Best advice for the fast workaround: Switch to another web browser, such as Mozilla Firefox or Google Chrome. This is one of the recommendations from U.S. and U.K. Computer Emergency Readiness Teams from their national security agencies.

  3. #3
    DF Member Stig's Avatar
    Join Date
    Mar 2003
    Location
    UK
    Posts
    34
    Thanks
    1
    Thanked:        2
    Karma Level
    219

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    True, but not always viable in large organisations as deployment leads to another web browser to support and can deviate from the "corporate standard" in some cases.

  4. #4
    DF Rookie tuxpenguin's Avatar
    Join Date
    Apr 2014
    Location
    Aberdeen
    Posts
    11
    Thanks
    4
    Thanked:        5
    Karma Level
    83

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    It is just the best temporary workaround until MS fix the issue. Of course where you can't get rid of IE should be used the other ones.

  5. #5
    DF PwNagE liveseytowers's Avatar
    Join Date
    Aug 2007
    Location
    Bristol, Unite
    Posts
    7,789
    Thanks
    518
    Thanked:        274
    Karma Level
    660

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    I'd rather be rolling out chrome with gpo restrictions than rolling out un registering dlls as a temp fix. In this day and age it's probably wise to have two browsers as the standard as seeing as you mange chrome with a gpo chrome it is for us.

    Sent from my HTC One using Tapatalk

  6. #6
    DF Member Stig's Avatar
    Join Date
    Mar 2003
    Location
    UK
    Posts
    34
    Thanks
    1
    Thanked:        2
    Karma Level
    219

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    I see what you are saying, but can Chrome patches and releases be controlled via GPO?

    Obviously WSUS can be used for IE.

  7. #7
    DF PwNagE liveseytowers's Avatar
    Join Date
    Aug 2007
    Location
    Bristol, Unite
    Posts
    7,789
    Thanks
    518
    Thanked:        274
    Karma Level
    660

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    We allow chrome to auto update but lock it down so no extensions are allowed etc. If you had time it wouldn't be hard to roll out updates I'm sure there is a msi for it. Worth having as a fall back.

    Sent from my HTC One using Tapatalk

  8. #8
    DF Member Stig's Avatar
    Join Date
    Mar 2003
    Location
    UK
    Posts
    34
    Thanks
    1
    Thanked:        2
    Karma Level
    219

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    Cool, may have to check that out then. Thanks.

  9. #9
    DF Rookie tuxpenguin's Avatar
    Join Date
    Apr 2014
    Location
    Aberdeen
    Posts
    11
    Thanks
    4
    Thanked:        5
    Karma Level
    83

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    What about Opera? Is it that one used in enterpise organizations?

  10. #10
    DF Probation Goldberg's Avatar
    Join Date
    Jun 2001
    Location
    Landaaaan!
    Posts
    14,466
    Thanks
    1,333
    Thanked:        1,558
    Karma Level
    1175

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    You would not believe how much trouble browsers cause!

    The product that we sell to corporations has to be tested on every version of every browser. Fortunately we can automate most of it but the biggest problem we face is versions of IE!
    Honestly, our product front end is through a browser and IE8 is the biggest ball ache of all time! Not rendering correctly, buttons in the wrong place, overlapping borders etc..

    But, telling customers "we do not support IE8" would lose us businesses. Big corporations/bank (our client base) have thin clients all running particular flavours, with tweaks, of a certain browser company wide.

    Throw Chrome and Firefox into the mix and it causes us a lot of work.
    We all make mistakes sometimes

  11. #11
    DF PwNagE liveseytowers's Avatar
    Join Date
    Aug 2007
    Location
    Bristol, Unite
    Posts
    7,789
    Thanks
    518
    Thanked:        274
    Karma Level
    660

    Default Re: Internet Explorer 6/7/8/9/10/11 Vulnerability

    We have issues were some apps support different versions of IE, others support Chrome, others support Firefox. Its a right pain in the ass. Chrome is really good now with the GPO support but Firefox last time I packaged it up it had all the tweaks in a config file which isn't ideal. Any changes needed and you've to push out a new config. What happened to the days when you only supported IE6 and that was it?

Similar Threads

  1. Replies: 3
    Last Post: 3rd June 2015, 11:31 PM
  2. Replies: 2
    Last Post: 19th January 2010, 09:00 PM
  3. MS internet explorer ?
    By thewhizz in forum Microsoft Windows XP & Vista
    Replies: 4
    Last Post: 9th April 2005, 10:39 PM
  4. Internet Explorer
    By redstripe in forum PC Problems
    Replies: 2
    Last Post: 27th October 2003, 03:12 PM
  5. FTP via internet explorer ;)
    By ffrr in forum Microsoft Consoles
    Replies: 0
    Last Post: 12th October 2003, 08:54 PM

Social Networking Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •