Zero Exploit: how to defend to VML IE bug

There is a new bug on IE 6, that concern VML (Vector Markup Language) vulnerability discovered by Sunbelt, about in-the-wild malware attached reguarded also the fully patched Windows system: the Url from many web sites (especially from Russian) include “MS06-XMLNS&SP2,” string, there is an advisory from Secunia. Microsoft has write a security advisory and tell that will be launch a patch only on October, 10, the next patch day. In order to defend from this vulnerability you have this choice: first use a antivirus software as Symantec, Mcafee, Trend Micro; second, un-register Vgx.dll or modify the access control list, third disable Binary and Script Behaviors in IE. You can finally use another browse like Mozilla Firefox.

[UPDATE, September 28] MSFT has launch a official patch before the patch days: read the official page for more info.

One thought on “Zero Exploit: how to defend to VML IE bug

  1. Pingback:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.