Internet Explorer exploit code published

On several websites and security forums, the VML (Virtual Markup Language) exploit patched this month by Microsoft was released to the public. The code attacks the file “vgx.dll.” This file renders VML code, which is used for high resolution or quality graphics online. Published on several sites, including millw0rm.com, this released code gives others a chance to improve the proof-of-concept, develop more covert and malicious attacks.
Microsoft knew of this exploit and rushed to patch it, as it became known. This is the second critical attack on VML, the last one released in September. The code released is limited to reports Symantec said, in an alert released to DeepSight users yesterday. However, while that is the case now, it is only a matter of time before an advanced release of the code surfaces. LifeAsaGeek, the person who released the code, and took credit for it on millw0rm.com left details on improvement with a screenshot showing details of the exploit. While attacks on this exploit are reported low; there is still a risk. Microsoft is urging everyone to update sooner rather than later. Internet Explorer, versions 6 and 7, are open to attack and many systems are vulnerable to corruption without proper patches. Microsoft Windows Update will patch these errors if set to automatically update. If you do not use auto update on Windows regularly, you should run the Update program as soon as possible.

And Also

The Decade: Film's 10 Best Music Moments In The Aughts

The Decade: Film's 10 Best Music Moments In The Aughts - Cinema Blend
GASP: Goldstriker creates world's most expensive iPhone - The Tech Herald
Peter Jackson Looks Lovely at 'Bones' Premiere - PopEater
Chris Rock interview, Sons of Anarchy and Woody Allen shout out for 'Madagascar' star

Your Talkback on this Story

Latest Headlines in Tech

Older Talkback

page: 1

David LightmanJan 21st, 2007 - 05:29:06

Dood, the site is milw0rm.com not millw0rm.com. You have to be careful with those typos on url's. That's how the Russian Mafia and the Red Army get Winblows users to navigate to their sites and download their malicious VML.

Anyone who thinks it will be a 'matter of time' before better and more covert exploits are developed is fooling themselves. Exploits are generally developed and used by cyber criminals _way_ before 'proof of concept' code is ever published.

After Nimda, CodeRed, Slammer, Blaster etc., Microsoft considers any non Internet wide attack as low frequency. Exploit of client's doesn't really work that great for spreading worms, as users must be lured to the malicious content; and once they have it, their browser is really in no position to serve it to another client. It takes a good server-side vulnerability or combination of both to propigate a worm worthy enough for Microsoft to admit widespread exploitation.

Now that bot-armys have become so lucrative, criminal organization's such as the Russian Mafia have put a priority on exploiting the browser. With .NET and IE getting fatter and fatter every day, it looks like the bad guys will be eating well for awhile.

My advice is to stay away from the Russian mp3 and pr0n sites; turn off all the fancy browser features. The text based 'lynx' browser works pretty well for reading the news and 'pine' is just dandy for writing e-mail. But would it really be so bad being part of a bot-army?

David Lightman

Report this comment

page: 1

Tech

Tech News

Internet Explorer exploit code published

And Also

Your Talkback on this Story

Latest Headlines in Tech

Older Talkback

From Sites we Like

In Monsters and Critics

Corporate

The Fine Print