Evaluation of the Risks of IE VML exploit

I'm in risk evaluation mode right now……oooh the control thrill tonight….. do I Group Policy with Dr. J or ISA server block linked below …… I think we'll go for Group Policy fun with Dr. J.  We need to ensure we do more of that control stuff anyway in general … all of us don't do enough of it.

Now then… another option that Sandi would point out is that IE 7 is not vulnerable to this… and in a home setting I might be tempted to go for it and install it…. here at the office though …my Line of Business crud means that I stay with non-beta options…. but I do have options for dealing with this issue.  I do not have to panic.

Let's review…..

  • The list of sites I've seen is not that large
  • I have options in the form of both Group Policy blocking and ISA Server

But more than anything else… can we NOT panic?  The sky is not falling…. and we have options here.. 

Microsoft Security Advisory (925568): Vulnerability in Vector Markup Language Could Allow Remote Code Execution:
http://www.microsoft.com/technet/security/advisory/925568.mspx

September 22, 2006: Advisory updated with third party security updates FAQ, un-register vgx.dll workaround updated, and ISA Server workaround added.

Customers with Microsoft Internet Security and Acceleration (ISA) Server 2004 or 2006 may also block malicious traffic intended to exploit this vulnerability. For more information about how to enable this setting in ISA Server, see Learn How Your ISA Server Helps Block VML Vulnerability Traffic.

Learn How Your ISA Server Helps Block VML Vulnerability Traffic (925568):
http://www.microsoft.com/technet/isa/2006/how-to-block-vml.mspx

One Thought on “Evaluation of the Risks of IE VML exploit”

  1. Don Murphy on September 22, 2006 at 10:13 pm said:

    There is also a third party fix out there.

    http://www.informationweek.com/news/showArticle.jhtml?articleID=193004898

    Be interested to hear your thoughts on that…
