[BESAdmin-Announcements] Microsoft Security Advisory 925568 - Vulnerability in VML

Annoucements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Wed Sep 20 18:19:29 PDT 2006

Microsoft released Security Advisory 925568 on September 19th to inform
users of a known vulnerability in the Microsoft Windows implementation
of Vector Markup Language (VML). Detailed exploit code has been released
publicly that exploits this vulnerability. Microsoft plans to release an
update soon to address this issue. More information about the
vulnerability can be found in the Security Advisory:


Content is available in the "SANS Top Vulnerabilities to Windows
Systems" site that allows BES administrators to block known attack
vectors by implementing Microsoft's suggested work-arounds through BES:


Task "W03: Windows Libraries - Un-register OLE controls" (ID 3001) Task
"W03: Windows Libraries - Register OLE controls" (ID 3002)


These tasks allow you to un-register and re-register Vgx.dll. Note that
un-registering Vgx.dll will cause applications to no longer render VML.


Customers who are not subscribed to the "SANS Top Vulnerabilities to
Windows Systems" site can request an evaluation by contacting their
BigFix sales representative.


BigFix Product Team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20060920/9143294a/attachment.htm 

More information about the Besadmin-announcements mailing list