In an earlier blog writeup, I had posted a mitigation for the VML exploit:
regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll
However, this may not work on foreign language versions of Windows.
So here is a more universal command:
Click Start, click Run, type
regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll
and then click OK.
A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box. The dialog box looks like this:
Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered.
To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with
regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll
Not having VML support is not a big deal as not many websites use it.
I’ve also updated the original post.