UnitedForums - UK Web Hosting Forum UnitedHosting Community Hosting Forums
Network and Server StatusCustomer SupportUK Web Hosting
UnitedHostingUnitedHosting Sitemap UK Hosting ForumUK Web HostingWeb Hosting ForumsUK Reseller HostingWeb Host CommunityUK Managed Dedicated ServersHosting Help and SupportUK Domain Name Registration

Go Back   UnitedForums.co.uk > UnitedHosting News > News & Announcements
Microsoft IE 6 remote administrative exploit Microsoft IE 6 remote administrative exploit

Reply
 
Thread Tools Rate Thread Display Modes
Old 22nd September 2006, 07:24 AM   #1 (permalink)
UH-Tony
Senior Server Administrator
 
UH-Tony's Avatar
 
Join Date: Mar 2006
Location: Houston, TX USA
Posts: 492
Microsoft IE 6 remote administrative exploit
Information provided by UH-Ryan:



There is presently a remote exploit with IE6 that can allow an attacker to gain administrative access to any Windows workstation, server or desktop running any version of IE6. There is currently no patch or hot-fix issued by Microsoft to address this issue. There is currently published exploit code on news groups and security web sites with ample details on taking advantage of this exploit through nothing more than a victim “viewing” a web page – one need not even click in the web page, just simply open it and you are exploited.



For further information on this issue please refer to:

http://www.microsoft.com/technet/sec...ry/925568.mspx

The most important notes in the above link are the “Mitigating factors” which discuss how this exploit can be taken advantage of and what factors contribute to its success and failure in exploitation.

Symptoms of exploitation involve multiple program crashes and in the error details from the crash report windows generates, you will see the file “vgx.dll”. If you have experienced this issue in the last 7 days then it is possible you have been exploited. The only way to correct the matter is to completely reinstall windows, this should be done as soon as possible so that an attacker has no chance to modify local files or backups.

This exploit affects a component of IE6 called VML, it is not an important feature in IE in terms of general web surfing and conducting business online. I would strongly encourage everyone to Disable VML support on there computers as soon as possible. The list of mitigating factors in the above URL will assist with identifying what system setups may be exploitable however if you don’t know what VML is or have no use for it, disable it till such time a patch is released.

Disable VML
Start > run
regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll

Enable VML
Start> run
regsvr32 "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll

Once completed please close all your web browsers and re-open them, this change does not require a reboot. If you have any questions or concerns on this matter please feel free to contact me.
__________________
.
Tony
UnitedHosting Staff

For official support please use our helpdesk at UnitedSupport.co.uk

UnitedHosting proudly hosting more than 20,000 sites since 1998.
UH-Tony is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT. The time now is 10:43 PM.
Archive - Top

UK Web Hosting  |  UK Reseller Hosting  |  UK Dedicated Servers UnitedHosting  |  UnitedSupport  |  UnitedForums  |  SEO by vBSEO 3.0.0
Copyright © 1998-2008 United Communications Limited. All Rights Reserved. Registered in England and Wales 3651923 - VAT Reg No. 737662309