Microsoft clarifies workarounds for IE zero day

Summary:Advisory for IE vulnerability now clarifies role of Enhanced Protected Mode and VGX.DLL

Microsoft has updated their advisory for the recently-revealed zero day vulnerability in Internet Explorer to clarify workarounds.

The vulnerability, disclosed over the weekend, affects all versions of Internet Explorer, but the attacks observed in the wild affect only versions 9, 10 and 11. The vulnerability uses Adobe Flash as a vector.

One workaround is to use Enhanced Protected Mode, a feature of Internet Explorer 10 and 11 on 64-bit systems. The first version of the advisory was in accurate as to the versions of IE for which the workaround was available.

The advisory now says that enabling it "...will help protect users of Internet Explorer 10 on Windows 7 for x64-based systems, Windows 8 for x64-based systems, and Windows RT, and Internet Explorer 11 on Windows 7 for x64-based systems, Windows 8.1 for x64-based systems, and Windows RT 8.1." EPM is enabled by default for the Modern UI (Metro) versions of IE, but not for the desktop versions.

Another workaround in the first advisory was to change the Access Control List (ACL) for one IE program file, VGX.DLL, the file description of which is "Vector Graphics Rendering (VML)."

The advisory now says to unregister the DLL with command lines included in the text of the advisory. This is just as effective as the ACL method, but easier to execute and undo. The advisory also provides advice for reversing the ACL method.

Topics: Security, Microsoft, Windows

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.