Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Question About The Vml Exploit


  • Please log in to reply
15 replies to this topic

#1 killmypc

killmypc

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:14 AM

Posted 22 September 2006 - 06:58 AM

Great Post by Grinler :thumbsup: Very Valuable Info!!

I have already unregistered the dll, but I am confused about how I will really know it's time to register it again. :flowers:

Will the patch from M$ be included in there Updates? (I assume it would). With Auto Updates on, I don't believe I will even know when its here. If the patch is applied before the dll is registered again, will the patch be a success?. Sorry if this is a stupid question, but I would like to make sure that this is resolved when M$ releases this.

I personally use Firefox now, but everyone else in the house uses IE.

Thanks ya'll

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:14 AM

Posted 22 September 2006 - 07:38 AM

The best scenario would be to register it before the October 10th update. Once the update is released that handles this exploit I will update the announcement so everyone knows. The reality is that the update will probably just replace the file so not having it registered before the update is released should not cause a problem.

#3 killmypc

killmypc
  • Topic Starter

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:14 AM

Posted 22 September 2006 - 08:05 AM

Sounds good, thank you

#4 killmypc

killmypc
  • Topic Starter

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:14 AM

Posted 26 September 2006 - 10:06 PM

Just to be Annoying... :thumbsup:

Is the patch for this KB925486 ? Just want to MAKE SURE I have it.!!

Thanks

Nevermind....Sorry :flowers:

Just found this...
Security Update for Windows XP (KB925486)
A security issue has been identified in the way Vector Markup Language (VML) is handled that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. You can help protect your computer by installing this update from Microsoft.

:trumpet:

Edited by killmypc, 27 September 2006 - 06:23 AM.


#5 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,578 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:11:14 AM

Posted 26 September 2006 - 10:09 PM

This evening when I booted up, Iwas greeted by the patch.
It is KB925486. Got installed with no trouble, though the download took more time than 10 patches normally take.

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:14 AM

Posted 27 September 2006 - 07:34 AM

Yup..everyone should install it though.

#7 Dennis H

Dennis H

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:11:14 AM

Posted 27 September 2006 - 09:35 AM

Howdy,
I recieved the patch via automatic updates. Could someone please post how to re-install VML ?

I could have sworn I saw instructions in one of the forums a couple of days ago, but I can not find the information now.


Thanks for your time.

Dennis :thumbsup:

#8 killmypc

killmypc
  • Topic Starter

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:14 AM

Posted 27 September 2006 - 09:40 AM

I believe what you are looking for is here...Here

But I believe the patch will do that for you... :thumbsup:

#9 Dennis H

Dennis H

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:11:14 AM

Posted 27 September 2006 - 09:42 AM

Thanks for the reply. So I may have it and not know it ?

Any idea on how I can check to see if it's installed ?


Thanks,
Dennis :thumbsup:

#10 killmypc

killmypc
  • Topic Starter

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:14 AM

Posted 27 September 2006 - 09:49 AM

If you followed the instructions in this post before, all you did is unregister it(not delete it)...simply reregister it to be sure :thumbsup:

(edit) That didn't sound sarcastic did it? :flowers: wasn't intented that way... :trumpet:

Edited by killmypc, 27 September 2006 - 09:58 AM.


#11 Dennis H

Dennis H

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:11:14 AM

Posted 27 September 2006 - 10:01 AM

OK, just registered it.

Thanks,
Dennis :thumbsup:



EDIT: No, no offense here ! Besides I am such a computer knucklehead that I should be yelled at. :flowers:

Edited by Dennis H, 27 September 2006 - 10:05 AM.


#12 killmypc

killmypc
  • Topic Starter

  • Members
  • 221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:14 AM

Posted 27 September 2006 - 10:07 AM

:thumbsup:

#13 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:11:14 AM

Posted 27 September 2006 - 11:02 AM

For those who wish to read it, or to obtain a manual download for the VML exploit patch, the link to the MS Security Bulletin is here:

http://www.microsoft.com/technet/security/...n/ms06-055.mspx

Regards,
John
Whereof one cannot speak, thereof one should be silent.

#14 1972vet

1972vet

  • Malware Response Team
  • 1,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest U.S.A.
  • Local time:11:14 AM

Posted 27 September 2006 - 12:32 PM

Following the instructions from the original BC post regarding this issue, I unregistered the .dll and was patiently waiting for the 10th of October. Like the last time Microsoft issued a security warning for the zero-day exploit, they issued the drop dead date, then beat it by about two weeks.

Meantime, I unregistered the .dll and yesterday found that Microsoft had again jumped ahead and issued the patch.

The problem (I think) is that the patch downloaded and installed itself before I could reregister the .dll...I checked the Windows Update history list and it does not indicate a failure, but I can't help wondering if there is something else I need to do.
I DID go back and reregister the .dll but only AFTER the patch was installed. The batch file ran ok and I got the "successful" message.

Does anyone know if that will work OK or should I uninstall the patch, unregister the .dll then reregister it and re-install the patch?

Disabled Veteran, U.S.C.G. 1972 - 1978
mvpsigpic.jpg
2009 - 2013

Member: U.N.I.T.E.
Performance and Maintenance for Windows XP, Windows Vista and Windows Seven


#15 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,665 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:14 AM

Posted 27 September 2006 - 12:42 PM

You are fine now.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users