Greg Hewgill (ghewgill) wrote,
Greg Hewgill

public service announcement: vml vulnerability

Similar to the WMF vulnerability in Windows exposed earlier this year, there is a new vulnerability in VML files. F-Secure has an article on how to protect your system which involves unregistering the vgx.dll component.

F-Secure states that: "VML is a description format for browsers to draw vector graphics. Not too many websites use this format today - but rather display plain images." While this is true, there is one rather popular application that does in fact use VML: Google Maps (at least, when you're using Internet Explorer).

Google Maps uses VML in Internet Explorer to draw line segments when using the route-finding features. For an example of a map that fails to display lines after unregistering vgx.dll, see my southwest USA travel map from our trip last year. There should be lines on the map tracing the route we drove. It is worth noting that for browsers other than Internet Explorer, Google Maps uses a more intensive server-side solution - it generates a mostly transparent PNG overlay file on the Google Maps servers, and overlays that on top of the map.

Of course Microsoft already has a fix for this, but the patch release is not scheduled until the next Patch Tuesday, 10 October. It will be interesting to see whether we see the rapid rise in exploit code between now and then (like we did for the WMF vulnerability).
Tags: psa

  • ljdump 1.1 - now supports comments

    I have updated ljdump so that it now supports downloading all journal comments. Comments are downloaded incrementally, just like journal entries, so…

  • livejournal backup copy online

    One of the reasons I wrote ljdump was to use the backup copy to generate a simple HTML presentation of my journal directly on my web site. This is…

  • livejournal backup copy

    Ever since I started using livejournal, it's annoyed me that the content I write is stored on somebody else's server. It's not that I don't have…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded