Alec§taar
New Member
- Joined
- May 15, 2006
- Messages
- 4,677 (0.67/day)
- Location
- Someone who's going to find NewTekie1 and teach hi
| Processor | DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME)) |
|---|---|
| Motherboard | ASUS A8N-SLI Premium (PCIe x16, x4, x1) |
| Cooling | PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM) |
| Memory | 512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz |
| Video Card(s) | BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled |
| Storage | Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive |
| Display(s) | SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color |
| Case | Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans) |
| Audio Device(s) | RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!) |
| Power Supply | Antec 500w ATX 2.0 "SmartPower" powersupply |
| Software | Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers) |
Microsoft Security Advisory (925568)
http://www.microsoft.com/technet/security/advisory/925568.mspx
4 possible & working ways to stop this newly discovered vulnerability in VGX.DLL, some more "radical" than others, but they DO each work:
==========================================
A.) Use this 3rd party patch, noted by EWeek (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
http://www.eweek.com/article2/0,1895,2019162,00.asp
Download location:
http://isotf.org/zert/download.htm
Microsoft has tested the following workarounds below B-D. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.
------------------------------------------------------
Microsoft's "Suggested Actions &/or Workarounds":
B.) Alter the Access Control List for removing the "EVERYONE" user group using this commandline (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
Note The following steps require Administrative privileges. It is recommended that the system be restarted after applying this workaround. It is also possible to log out and log back in after applying the workaround however; the recommendation is to restart the system.
Modify the Access Control List on Vgx.dll to be more restrictive
To modify the Access Control List (ACL) Vgx.dll to be more restrictive, follow these steps:
1. Click Start, click Run, type "cmd" (without the quotation marks), and then click OK.
2. Type the following command at a command prompt. Make a note of the current ACL’s that are on the file (including inheritance settings) for future reference in case you have to undo this modification:
cacls "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"
3. Type the following command at a command prompt to deny the ‘everyone’ group access to this file:
echo y| cacls "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll" /d everyone
4. Close Internet Explorer, and reopen it for the changes to take effect.
Impact of Workaround: Applications and Web sites that render VML may no longer display or function correctly.
Configure Internet Explorer 6 for Microsoft Windows XP Service Pack 2 to disable Binary and Script Behaviors in the Internet and Local Intranet security zone.
------------------------------------------------------
C.) IE PROTECTION USING SECURITY ZONES ON ACTIVEX CONTROLS (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
You can help protect against this vulnerability by changing your settings to disable binary and script behaviors in the Internet and Local intranet security zone. To do this, follow these steps:
1. In Internet Explorer, click Internet Options on the Tools menu.
2. Click the Security tab.
3. Click Internet, and then click Custom Level.
4. Under Settings, in the ActiveX controls and plug-ins section, under Binary and Script Behaviors, click Disable, and then click OK.
5. Click Local intranet, and then click Custom Level.
6. Under Settings, in the ActiveX controls and plug-ins section, under Binary and Script Behaviors, click Disable, and then click OK.
7. Click OK two times to return to Internet Explorer.
Impact of Workaround: Disabling binary and script behaviors in the Internet and Local intranet security zones may cause some Web sites that rely on VML to not function correctly.
------------------------------------------------------
D.) UNREGISTER THE VGX.DLL (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
To un-register Vgx.dll, follow these steps:
1. Click Start, click Run, type "regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"" (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered.
To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with "regsvr32 "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll”" (without the quotation marks).
==========================================
* Any of those 4 will work - they go from "least radical, to worst radical"...
APK
P.S.=> This bug also affects Outlook 2003 (full outlook, not outlook express), so keep in mind that setting it to read messages in TEXT form, or RTF form, is better than allowing it to render them in HTML...
I have stated this security fix before here, hope folks took note of it because it works to protect you against IE weaknesses in HTML rendering in email too!
Here is that part:
Read e-mail messages in plain text format to help protect yourself from the HTML e-mail attack vector
Microsoft Outlook 2002 users who have applied Office XP Service Pack 1 or a later version and Microsoft Outlook Express 6 users who have applied Internet Explorer 6 Service Pack 1 or a later version can enable this setting and view e-mail messages that are not digitally signed or e-mail messages that are not encrypted in plain text only. Digitally signed e-mail messages or encrypted e-mail messages are not affected by the setting and may be read in their original formats. For more information about how to enable this setting in Outlook 2002, see Microsoft Knowledge Base Article 307594.
Impact of Workaround: E-mail messages that are viewed in plain text format will not contain pictures, specialized fonts, animations, or other rich content. Additionally:
1. The changes are applied to the preview pane and to open messages.
2. Pictures become attachments so that they are not lost.
3. Because the message is still in Rich Text or HTML format in the store, the object model (custom code solutions) may behave unexpectedly.
apk
http://www.microsoft.com/technet/security/advisory/925568.mspx
4 possible & working ways to stop this newly discovered vulnerability in VGX.DLL, some more "radical" than others, but they DO each work:
==========================================
A.) Use this 3rd party patch, noted by EWeek (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
http://www.eweek.com/article2/0,1895,2019162,00.asp
Download location:
http://isotf.org/zert/download.htm
Microsoft has tested the following workarounds below B-D. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.
------------------------------------------------------
Microsoft's "Suggested Actions &/or Workarounds":
B.) Alter the Access Control List for removing the "EVERYONE" user group using this commandline (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
Note The following steps require Administrative privileges. It is recommended that the system be restarted after applying this workaround. It is also possible to log out and log back in after applying the workaround however; the recommendation is to restart the system.
Modify the Access Control List on Vgx.dll to be more restrictive
To modify the Access Control List (ACL) Vgx.dll to be more restrictive, follow these steps:
1. Click Start, click Run, type "cmd" (without the quotation marks), and then click OK.
2. Type the following command at a command prompt. Make a note of the current ACL’s that are on the file (including inheritance settings) for future reference in case you have to undo this modification:
cacls "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"
3. Type the following command at a command prompt to deny the ‘everyone’ group access to this file:
echo y| cacls "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll" /d everyone
4. Close Internet Explorer, and reopen it for the changes to take effect.
Impact of Workaround: Applications and Web sites that render VML may no longer display or function correctly.
Configure Internet Explorer 6 for Microsoft Windows XP Service Pack 2 to disable Binary and Script Behaviors in the Internet and Local Intranet security zone.
------------------------------------------------------
C.) IE PROTECTION USING SECURITY ZONES ON ACTIVEX CONTROLS (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
You can help protect against this vulnerability by changing your settings to disable binary and script behaviors in the Internet and Local intranet security zone. To do this, follow these steps:
1. In Internet Explorer, click Internet Options on the Tools menu.
2. Click the Security tab.
3. Click Internet, and then click Custom Level.
4. Under Settings, in the ActiveX controls and plug-ins section, under Binary and Script Behaviors, click Disable, and then click OK.
5. Click Local intranet, and then click Custom Level.
6. Under Settings, in the ActiveX controls and plug-ins section, under Binary and Script Behaviors, click Disable, and then click OK.
7. Click OK two times to return to Internet Explorer.
Impact of Workaround: Disabling binary and script behaviors in the Internet and Local intranet security zones may cause some Web sites that rely on VML to not function correctly.
------------------------------------------------------
D.) UNREGISTER THE VGX.DLL (until VGX.DLL gets its "official MS Patch" on 'patch Tuesday' update on Tuesday, October 10, 2006):
To un-register Vgx.dll, follow these steps:
1. Click Start, click Run, type "regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"" (without the quotation marks), and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered.
To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with "regsvr32 "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll”" (without the quotation marks).
==========================================
* Any of those 4 will work - they go from "least radical, to worst radical"...
APK
P.S.=> This bug also affects Outlook 2003 (full outlook, not outlook express), so keep in mind that setting it to read messages in TEXT form, or RTF form, is better than allowing it to render them in HTML...
I have stated this security fix before here, hope folks took note of it because it works to protect you against IE weaknesses in HTML rendering in email too!
Here is that part:
Read e-mail messages in plain text format to help protect yourself from the HTML e-mail attack vector
Microsoft Outlook 2002 users who have applied Office XP Service Pack 1 or a later version and Microsoft Outlook Express 6 users who have applied Internet Explorer 6 Service Pack 1 or a later version can enable this setting and view e-mail messages that are not digitally signed or e-mail messages that are not encrypted in plain text only. Digitally signed e-mail messages or encrypted e-mail messages are not affected by the setting and may be read in their original formats. For more information about how to enable this setting in Outlook 2002, see Microsoft Knowledge Base Article 307594.
Impact of Workaround: E-mail messages that are viewed in plain text format will not contain pictures, specialized fonts, animations, or other rich content. Additionally:
1. The changes are applied to the preview pane and to open messages.
2. Pictures become attachments so that they are not lost.
3. Because the message is still in Rich Text or HTML format in the store, the object model (custom code solutions) may behave unexpectedly.
apk
Last edited:
