Greg Hewgill (ghewgill) wrote,

public service announcement: vml vulnerability

Similar to the WMF vulnerability in Windows exposed earlier this year, there is a new vulnerability in VML files. F-Secure has an article on how to protect your system which involves unregistering the vgx.dll component.

F-Secure states that: "VML is a description format for browsers to draw vector graphics. Not too many websites use this format today - but rather display plain images." While this is true, there is one rather popular application that does in fact use VML: Google Maps (at least, when you're using Internet Explorer).

Google Maps uses VML in Internet Explorer to draw line segments when using the route-finding features. For an example of a map that fails to display lines after unregistering vgx.dll, see my southwest USA travel map from our trip last year. There should be lines on the map tracing the route we drove. It is worth noting that for browsers other than Internet Explorer, Google Maps uses a more intensive server-side solution - it generates a mostly transparent PNG overlay file on the Google Maps servers, and overlays that on top of the map.

Of course Microsoft already has a fix for this, but the patch release is not scheduled until the next Patch Tuesday, 10 October. It will be interesting to see whether we see a rapid rise in exploit code between now and then (like we did for the WMF vulnerability).
Tags: psa
