Windows Vista Tips

Update for VML Vulnerability Released

 
 
MowGreen [MVP]

 
      09-26-2006
As of now, Microsoft Security Bulletin MS06-055 -
Vulnerability in Vector Markup Language Could Allow Remote Code
Execution (925486)
http://www.microsoft.com/technet/sec.../MS06-055.mspx

has been published. The update is available from Automatic Updates, or
from the Windows | Microsoft Update sites.
The Security Bulletin's page links for the direct download of the update
are not functioning as of yet.
Hopefully, they will be shortly.

> Impact of Vulnerability: Remote Code Execution
>
> Maximum Severity Rating: Critical
>
> Recommendation: *** Customers should apply the update immediately ***


Practice safe hex, kiddies :
http://www.claymania.com/safe-hex.html


MowGreen [MVP 2003-2006]
===============
*-343-* FDNY
Never Forgotten
===============





 
robin

 
      09-26-2006
And to add to this, if you want to test to make sure you are not vulnerable
anymore, go to http://www.grc.com/sn/notes-058.htm

Click on the link: http://www.isotf.org/zert/testvml.htm

this will test to see if the patch took.
If you can see two colored boxes above and your browser has not crashed at
this point, you are not vulnerable.

robin

MowGreen [MVP]

 
      09-27-2006
Thanks, robin. Very useful link.

MowGreen [MVP 2003-2006]
===============
*-343-* FDNY
Never Forgotten
===============


MJOC

 
      10-02-2006
After installing KB925486, I began having problems with IE6 SP1. It kept
crashing. I uninstalled the update and now it is working fine.
--
Michael OConnor

Ottmar Freudenberger

 
      10-03-2006
"MJOC" <> schrieb:

> After installing KB925486, I began having problems with IE6 SP1. It kept
> crashing.


Would you mind mentioning the Windows version you are using and
which exact error messages you've received while browsing which
sites?

Which Add-Ons / extensions / plugins for IE do you have installed?

> I uninstalled the update and now it is working fine.


Hm, but you're affected by the huge security hole with VML files again
in case you haven't used any of the workarounds (or third party
patches which are/were released to fix that hole too).

Bye,
Freudi
 
MJOC

 
      10-03-2006
Windows 2000 SP4. I don't remember the exact error and I have since cleared
my event logs. As far as plug-ins, Java, Shockwave, Flash. The usual stuff
needed for browsing.
--
Michael OConnor

Ottmar Freudenberger

 
      10-04-2006
"MJOC" <> schrieb:

> Windows 2000 SP4. I don't remember the exact error and I have since cleared
> my event logs.


That's a pity. Install the update again without having any
application running in the background. Disable antivirus software temporarily
*before* installing the update.

> As far as plug-ins, Java, Shockwave, Flash.


No Google/Yahoo/MSN bar? No nothing?
You may want to verify that using third party tools like
http://www.safer-networking.org/en/spybotsd/ or HijackThis.

"Java" means the old yet unsupported MS Java engine or Sun's Java?

Bye,
Freudi
 
MJOC

 
      10-04-2006
I tried all of that and had the same problem. The update just sucks!
--
Michael OConnor

Ottmar Freudenberger

 
      10-04-2006
"MJOC" <> schrieb:

> "Ottmar Freudenberger" wrote:
>
>> "MJOC" <> schrieb:
>>
>> > Windows 2000 SP4. I don't remember the exact error and I have since cleared
>> > my event logs.

>>
>> That's a pity. Install the update again without having any
>> application running in the background. Disable antivirus software temporarily
>> *before* installing the update.
>>
>> > As far as plug-ins, Java, Shockwave, Flash.

>>
>> No Google/Yahoo/MSN bar? No nothing?
>> You may want to verify that using third party tools like
>> http://www.safer-networking.org/en/spybotsd/ or HijackThis.
>>
>> "Java" means the old yet unsupported MS Java engine or Sun's Java?


> I tried all of that and had the same problem.


What did you try exactly and what were the results? Which Java
VM/engine do you have installed?

> The update just sucks!


If you feel better now, that's fine. If you want to get help, try
to answer the questions. All of them. Step by step.

Bye,
Freudi
 
MJOC

 
      10-04-2006
No, no toolbars of any kind. Don't allow that sort of unnecessary fluff to
pollute my machine. Of course I am running the latest version of Sun Java,
who wouldn't be? Java 2 Platform Standard Edition Version 1.5.0 (build
1.5.0_08-b03).

I know every detail of what is on my machine. I do this for a living. I
run HJT religiously, no problems there. I also run Ad-Aware, Spybot, and
A-squared every other day and do a full virus scan every week. I have no
problems, the issue was solely caused by the update. I installed it, I
started crashing in IE immediately, I realized it was the updates I just
downloaded, checked the update history to refresh my memory of exactly what
installed, and uninstalled the IE 6 SP1 update. Problems stopped immediately.
--
Michael OConnor