News

Symantec Releases Workaround Tool for MSFT IE Zero Day Vulnerability

Symantec Releases Workaround Tool for MSFT IE Zero Day Vulnerability

In response to the latest Microsoft Internet Explorer Zero Day vulnerability that affects all versions of Internet Explorer, Symantec is providing a script to mitigate against the attacks.

Microsoft released a security advisory on a vulnerability in Internet Explorer that is being leveraged in limited targeted attacks. There is currently no patch available for this vulnerability and Microsoft has not, at the time of writing, provided a release date for one. This will be the first zero-day vulnerability that will not be patched for Windows XP users, as Microsoft ended support for the operating system on April 8, 2014.

Microsoft states that versions of the Enhanced Mitigation Experience Toolkit (EMET) 4.1 and above can mitigate this vulnerability in Internet Explorer. The toolkit is available for Windows XP users as well. If using EMET is not an option, users can consider mitigating the issue by unregistering a DLL file named VGX.DLL. This file provides support for VML (Vector Markup Language) in the browser. This is not required by the majority of users. However, by unregistering the library, any application that uses the DLL may no longer function properly.

Also, some applications installed on the system may potentially re-register the DLL. With this in mind, the following one line of instruction can be executed to make the system immune from attacks attempting to exploit the vulnerability. This line of instruction can be used for all affected operating systems:

"%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

Symantec has developed a batch file* that can be used to perform the task for those who may be required to administrate large IT infrastructures. The batch file has the ability to verify the current state of the DLL file and unregister the DLL as needed. The script outlined in the batch file is very simple and can be used as a basis to customize the code to fit the needs of certain system environments.

Recommendations like the one above may not be possible for future vulnerabilities. Symantec recommends that unsupported operating systems such as Windows XP be replaced with supported versions as soon as possible.

*users will need to rename the file using a .bat extension

All Reponses

Please login to comment or register here.
No Comments currently, be the first to roll the ball.

All News Categories

News for Past 12 Months

Subscribe to HWZ Here!

Subscribe now to receive latest tech news, articles and promotions straight to your inbox!
 
 
By signing up, you indicate that you have read and agreed to the and .