Minor change to VML exploit mitigation

In an earlier blog writeup, I had posted a mitigation for the VML exploit:

regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll

However, this may not work on foreign language versions of Windows.

So here is a more universal command:

1.

Click Start, click Run, type

regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll

and then click OK.

2.

A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box. The dialog box looks like this:

http www sunbelt software com ihs alex unreg012312312 thumb jpg

Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered.

To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with

regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll

Not having VML support is not a big deal as not many websites use it.

I’ve also updated the original post.