Microsoft have released a Security Advisory for a vulnerability in Internet Explorer that could allow Remote Code execut1on. This affects all Internet Explorer browsers from IE6 upwards:
[Only registered and activated users can see links. ]
Having done some research it would appear that the best way to workaround this issue (until a permanent fix is released) is the following:
- Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.
- A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: Applications that render VML will no longer do so once vgx.dll has been unregistered.
When a security update is available to address this issue, you should re-register vgx.dll after installing the security update. To re-register vgx.dll follow these steps:
- Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.
- A dialog box appears to confirm that the registration process has succeeded. Click OK to close the dialog box.
Very few websites use VML so this should have least impact:
Vector Markup Language (VML) is an XML-based language that facilitates the use of vector graphics on the Internet, especially on Web sites. VML was proposed to the World Wide Web Consortium (W3C) as a standard for vector graphics rendering by Microsoft, Autodesk, Macromedia and Visio in 1998 but was never formally accepted. Instead, it evolved, along with another proposed standard, into Scalable Vector Graphics (SVG), which came into widespread use in 2003. Even so, Microsoft implemented VML capability into its Internet Explorer 5.0 browser.
Both VML and SVG describe images in vector format as an application of XML. Vector graphics is the creation of digital images in terms of mathematical statements that place lines and shapes in two-dimensional or three-dimensional space. Any program such as a Web browser that recognizes XML can display this type of image using the information provided in the VML or SVG formats. VML and SVG enable the viewing of an image on a display of any screen size and resolution and allow text within the image to be recognized. This makes it possible for text to be located by a search engine and translated into multiple languages. Compared with a bitmap, a VML or SVG image may be smaller and arrive more quickly over slow Internet connections. Nevertheless, GIF, JPG and PNG images are expected to continue to predominate for use on Web sites.