Buffer overflow in Internet Explorer vgx.dll (VML flaw)

Causes a denial-of-service (crash) and can allow remote access

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

Feb. 8, 2007 3:06 p.m. PT

There's a previously unknown buffer-overflow vulnerability affecting Internet Explorer. Specifically, the new vulnerability exists within the Vector Markup Language (VML), a component that specifies vector images in an Extensible Markup Language (XML) document within IE. Current attacks try to execute Trojan horse programs that may allow remote access to a compromised system. While JavaScript is not necessary to exploit the vulnerability, the current attacks do use JavaScript. Thus the only workaround is to disable JavaScript within IE.

In response Microsoft has issued a rare, out-of-cycle patch. Microsoft traditionally issues new security patches on the second Tuesday of each month so that system administrators have time to test the patch before rolling it out to desktops on a network. But because details on how to make an exploit for this Internet Explorer have been posted on the Internet and because various third-party security vendors have issued their own patches, Microsoft rushed this patch.

Additional resources:

Microsoft: Patch MS06-055
US-CERT Technical Alert: TA06-262A
US-CERT Vulnerability Note: VU#416092
FrSIRT: #3679
Secunia: #21989

Mobile Guides

Phones

Foldable Phones

Headphones

Mobile Accessories

Smartwatches

Wireless Plans