rockman

https://technet.microsoft.com/library/security/ms14-021

Steve updated the page I previously posted: http://steve.grc.com/2014/04/28/a-quick-mitigation-for-internet-explorers-new-0-day-vulnerability/ "To immediately protect any use of Internet Explorer – yes, even on creaky old WinXP (the XPocalypse has been delayed): You must first open a command prompt window with administrative privileges. This is done by right-clicking on the Command Prompt icon in the start menu and selecting “Run As Administrator.” Commands issued within this window will have the privilege required to make system level changes. 32-bit systems only require the first command. But since 64-bit systems have both a 32-bit and 64-bit version of the vulnerable file, both commands must be used with them: regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll" regsvr32 -u "%CommonProgramFiles(x86)%\Microsoft Shared\VGX\vgx.dll" These commands unregister (-u) the VML renderer, making it inaccessible to the exploit attempt. Your IE browser will no longer be able to render vector markup language content, but it’s been unused on the web for many years. You can perform a “before and after” test to confirm that VML rendering has been disabled with this simple VML rendering of an office layout: http://www.vmlmaker.com/gallery/visio/office_layout.htm. The proper response is a BLANK PAGE. If you receive a notice that “A VML capable browser is required…” you must add the vmlmaker.com domain to IE’s “Compatibility View” for the test to function properly. This is done under the settings menu. "

Another mitigation is to run IE with ActiveX Filtering enabled. Enabling Tracking Protection should also help. Add EasyLists as well as automatically blocking content under "Your Personalized List". Only disable these blocks on trusted sites.

http://steve.grc.com/2014/04/28/a-quick-mitigation-for-internet-explorers-new-0-day-vulnerability/ It appears the only way to copy paste here anymore is to click the BBCode Mode which turns this into a plain text only posting.

Thank you for the response. Apparently this has something to do with the VML renderer. Like it was ever used in the first place... Therefore, I'll just type the fix into a command prompt as Admin to guard against this vulnerability: regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll" The new post editor is barely functional using IE11.

Are we protected with MBAE? For some strange reason, I can't paste anything into this text box.