News

Microsoft Releases Fix for VML Exploit

By Nate Mook | Published September 26, 2006, 3:47 PM

In what could be the quickest patch ever to be released by Microsoft, the company on Tuesday publicly issued a fix for the highly-publicized Vector Markup Language (VML) vulnerability affecting Office and Internet Explorer that surfaced last week and was being actively exploited by numerous attacks.

The exploits prompted two security firms to issue unofficial patches for the problem, and Microsoft promised on Friday to rush out out a fix. The company traditionally waits until its monthly Patch Tuesday to release updates, but it has issued out-of-cycle patches in the past when customers were at risk. Users can download the patch now from Windows Update.

Comments

View comments by with a score of at least

prndll
Sep 27, 2006 - 11:03 PM

I wonder how many vulnerabilities will be created from this "fix"???????

I also wonder if this is a real fix???????

Score: 0

|
Post Reply
Frostek
Sep 27, 2006 - 5:30 PM

I'm sure it wasn't rushed out of the door what with all that publicity from a 3rd party patching their OS quicker than they could... :-)

Score: 0

|
Post Reply
mjm01010101
Sep 27, 2006 - 6:38 AM

No reboot. I'm not mad at MS anymore. :)

Score: 0

|
Post Reply
PC Rat
Sep 27, 2006 - 9:32 AM

...

"No reboot"

...

Yeah.

For the first while, most updates didn't require
a reboot.

But lately ALL updates have.

Maybe Microsoft has turned over a new leaf.

Nah !

...

The Computer Rodent

...

Score: 0

|
Post Reply
spiked
Sep 27, 2006 - 5:35 PM

It does require a reboot if VGX.DLL is loaded at the time of install. This DLL would only be loaded if you were browsing a page containing VML in IE (or any app using embedded IE) but since the Automatic Updates client tells people that they "can continue to work" during installation, there will be some people who get prompted to reboot.

Every update which requires a reboot does so for a reason. You don't often hear the reasons because they are too technical or uninteresting to the majority of Microsoft's 800 million users worldwide (keeping in mind that it only takes 400 million+1 to represent a majority).

Score: 0

|
Post Reply
PC Rat
Sep 27, 2006 - 2:59 AM

...

"Nice move Microsoft!
Fast!"

...

It's great seeing Microsoft being responsive
to their customer's needs for a change.

If this keeps up, Microsoft could reverse it's
negative puiblic image !

...

The Computer Rodent

...

Score: 0

|
Post Reply
Mike162005
Sep 26, 2006 - 7:01 PM

Got mine from Automatic updates today. Nice move Microsoft! Fast!

Score: 0

|
Post Reply

PDC 2009: What have we learned this week?

There was the freebie that no one will forget, the heebie-jeebies courtesy of Scott Guthrie, and a teensy bit clearer picture of how this cloud thingie should work.

Live report: Will Google Chrome OS change Linux?

The mysteries of just what Chrome OS is, and how much of an operating system it truly is, may be resolved today.

PDC 2009: Microsoft cares about Web browser performance

The effort to give users of the world's dominant Web browser the impression of quality, is a personal one for the man who leads that battle.

Nokia re-affirms its commitment to Symbian, sort of

Maemo won't necessarily be replacing Symbian in the Nokia N-Series, but that's definitely a place where it will be found.

E-book readers will be in short supply this holiday season

E-readers are hot this year, and a lot of compelling new products have been released, but are there enough electrophoretic displays to go around?

Sony looks to finally open a single storefront for downloads

Sony has had many different download portals for movies, music, e-books, and games, and now it's looking to make a single shop for all of it.

Tuning out the tablet: Time to give the endless speculation a rest

Wide Angle Zoom: Wishing and hoping and thinking and praying....won't put an iTablet on the market.

Five improvements for IT managers in 2010

If businesses are to improve their efficiency for next year, they need to stop and reassess the basic tenets of their job.

AOL's spinoff from Time Warner to shed 2,500 jobs

As AOL moves toward become an independent company again, it will cut nearly a third of its workforce.

Gartner: SMS-based money transfer will be bigger than mobile browsing, search

Gartner issues its predictions for the 10 things our phones will be doing in 2012.

Don't forget to upgrade to Firefox 3.6 beta 3 today

Mozilla has released the latest beta its Firefox 3.6 browser software, just over one week after beta 2.