Internet Explorer VML Fix Released

By terry Leave a Comment

Microsoft released their critical security patch for the VML security bug in Internet Explorer.

Last week, researchers from Sunbelt Software (makers of CounterSpy) discovered that the VML handling flaw was already being used by some malicious sites to install trojans and downloaders to visitors’ computers.

Sunbelt and others released some quick patches, which basically involved disabling the Vector Markup Language handling in Internet Explorer.

If you did any of the temporary fixes, it’s best to remove the temporary fix before installing today’s Windows Update patch.

Filed Under: Web Browsers, Windows XP

New IE Flaw Already Being Attacked

By terry Leave a Comment

ZDNet reports that an unpatched security bug in Internet Explorer is already being exploited to install malicious software. The quote Ken Dunham of VeriSign’s iDefense saying that fully patched versions of IE are vulnerable.

The ZDNet article also reports that Microsoft plans to fix the hole in its October 10th “Patch Tuesday,” its once-a-month release of patches for MS products.

Eric Sites of Sunbelt Software, makers of the CounterSpy anti-spyware/anti-adware program that I use and recommend, says in his blog entry that this is a flaw with the VML routine in IE and can be “mitigated by turning off Javascripting” (in IE).

How to turn off JavaScript/ActiveScript in IE

Of course, this isn’t a very useful solution as many web sites use JavaScript for navigation and other necessary functions.

Much easier, use Firefox as your web browser. Yes, you can have IE and Firefox both installed and even both open at the same time.

Filed Under: System Control, Web Browsers, Windows XP
Newer Posts »