Petr Posted September 22, 2006

There is a new critical vulnerability in vgx.dll that also applies to IE on Windows 9x.

Microsoft published this Security Advisory (925568).

ZERT created an unofficial patch: http://isotf.org/zert/download.htm

I have tested that fully patched IE 6.01SP1 on Windows 98 SE will crash. I have not tested other versions of IE and other versions of Windows.

The ZERT patch does not work on Windows 98, but it could probably be possible to use it on Windows 2000 and copy the patched file to Win9x.

Petr

noguru Posted September 22, 2006

Anyone tried this workaround advised by Microsoft?

regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"

Doesn't work on my fully updated Win98se+IE6.0 SP1. I get a loadlibrary failed error.

Fredledingue Posted September 22, 2006

Me too. What happens if you delete vgx.dll (instead of simply unregistering it)?

noguru Posted September 23, 2006

Well, you can simply rename or delete it, also when Windows+IE is running. A registry checker will find it missing, so the unregistering failed indeed, but that's all I have noticed so far. Perhaps an infected site can crash a browser because of this, but that's better than downloading trojans.

The test on the ZERT site says I am not vulnerable now after renaming vgx.dll; before that it didn't do anything on my system with the Maxthon browser (based on IE engine), no crash, just a blank page.

I must say that I expected much more response in this topic because this vulnerability is a nasty one. Just visiting a wrong site can get you into trouble. No user interference needed! The number of bad sites is rising: http://www.techweb.com/wire/security/193004128

Microsoft denies that it is this serious but is considering releasing a patch outside the normal patch-cycle anyway.

Edited September 23, 2006 by noguru

oscardog Posted September 23, 2006

> Well, you can simply rename or delete it, also when Windows+IE is running. A registry checker will find it missing, so the unregistering failed indeed, but that's all I have noticed so far. Perhaps an infected site can crash a browser because of this, but that's better than downloading trojans.
>
> The test on the ZERT site says I am not vulnerable now after renaming vgx.dll; before that it didn't do anything on my system with the Maxthon browser (based on IE engine), no crash, just a blank page.
>
> I must say that I expected much more response in this topic because this vulnerability is a nasty one. Just visiting a wrong site can get you into trouble. No user interference needed! The number of bad sites is rising: http://www.techweb.com/wire/security/193004128
>
> Microsoft denies that it is this serious but is considering releasing a patch outside the normal patch-cycle anyway.

I think if you must use I.E. it is imperative to disable active scripting to disable javascript, vbs and activex, adding only sites you require in the trusted zone. I would also disable vbs via file association as any standard security feature. Unfortunately it seems they are going to bypass even this temporary defense shortly, so use Firefox as a browser in the interim or a live CD.

LinkScanner: http://linkscanner.explabs.com/linkscanner/default.asp

Edited September 23, 2006 by oscardog

eidenk Posted September 24, 2006

And what about simply a killbit for vgx.dll?

oscardog Posted September 24, 2006

I am presuming that what has been released has just scratched the surface as yet.

LLXX Posted September 26, 2006

I'm not worried about this. Seriously.

MDGx Posted September 26, 2006

Official VGX.DLL fix ported to 98FE, 98SE, ME + NT4: http://www.mdgx.com/ietoy.htm#VGX

Listed here: http://www.msfn.org/board/?showtopic=46581

HTH

Edited September 27, 2006 by MDGx

sam13484 Posted September 26, 2006

Thanks for helping to circulate this unofficial IE925568 patch. I probably would have missed it in the original post. The work these "patch hackers" do is really appreciated by those of us still running 98/Me machines.

I installed the patch and checked out the test page. My IE6SP1 browser running under Windows Me passed without any problems at all.

We should have some kind of mailing list that will keep everyone in the loop when it comes to unofficial patches and upgrades.

Petr Posted September 26, 2006

Microsoft has released the official patch:
http://blogs.technet.com/msrc/archive/2006/09/26/459194.aspx
http://www.microsoft.com/technet/security/...n/MS06-055.mspx

Windows 2000 patches contain:
IE5.01 SP4 contains VGX.DLL 5.00.3845.1800
IE6.0 SP1 contains VGX.DLL 6.00.2800.1580

The patch has to be re-packaged for Windows 9x.

Petr

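One way to check a copy of VGX.DLL against the two patched versions quoted in the post above. This is an added example, not part of the thread or of any patch package; it assumes the version can be read by searching the file for the VS_FIXEDFILEINFO signature (a simplification of walking the resource section), and the sample bytes and the older revision number are constructed.

```python
import struct

# Patched VGX.DLL versions quoted in the thread (Windows 2000 packages),
# keyed by (major, minor, build) so other IE branches are not misjudged.
PATCHED = {
    (5, 0, 3845): (5, 0, 3845, 1800),  # IE 5.01 SP4
    (6, 0, 2800): (6, 0, 2800, 1580),  # IE 6.0 SP1
}
FFI_SIGNATURE = struct.pack("<I", 0xFEEF04BD)  # VS_FIXEDFILEINFO.dwSignature


def file_version(data: bytes):
    """Return (major, minor, build, revision) from the first
    VS_FIXEDFILEINFO block found in the file bytes, or None."""
    pos = data.find(FFI_SIGNATURE)
    if pos < 0 or pos + 16 > len(data):
        return None
    # dwSignature, dwStrucVersion, dwFileVersionMS, dwFileVersionLS
    _sig, _struc, ms, ls = struct.unpack_from("<4I", data, pos)
    return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)


def assess(data: bytes) -> str:
    """Classify a VGX.DLL image against the versions listed in PATCHED."""
    ver = file_version(data)
    if ver is None:
        return "no-version-info"
    floor = PATCHED.get(ver[:3])
    if floor is None:
        return "unknown-branch"  # version line not covered by the thread
    return "patched" if ver >= floor else "vulnerable"


def sample(major: int, minor: int, build: int, rev: int) -> bytes:
    """Constructed stand-in for a DLL: padding plus a version block."""
    block = struct.pack("<4I", 0xFEEF04BD, 0x00010000,
                        (major << 16) | minor, (build << 16) | rev)
    return b"MZ" + b"\x00" * 62 + block


if __name__ == "__main__":
    # On a real machine, pass the bytes of the installed vgx.dll instead.
    for v in [(6, 0, 2800, 1106), (6, 0, 2800, 1580), (5, 0, 3845, 1800)]:
        print(".".join(map(str, v)), assess(sample(*v)))
```
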
Guest smok3yjoint Posted September 26, 2006

outstanding i grabbed the vgx patch for xp from zert 2 days ago but im happy 2 see u got 9x covered u guys are awesome, now this is what a forum's all about, working to improve a os any os, well done.

Edited September 26, 2006 by smok3yjoint

the_guy Posted September 26, 2006

@Petr: I'm looking at it right now. It will be repackaged ASAP.

the_guy

EDIT: Microsoft also made an update to the Roots Update. Link is the same.

Edited September 26, 2006 by the_guy

the_guy Posted September 27, 2006

Done with the update! It's at mytempdir until MDGx can host it at his site.

This update replaces 883586 for XPSP2 and 890573 for IE6SP1.

Link=here.

the_guy

MDGx Posted September 27, 2006

Here are all official [+ unofficial 1 created using official VGX.DLL from official Win2000 SP4 fix] VGX.DLL patches:
http://www.mdgx.com/ietoy.htm#VGX

* Microsoft Internet Explorer 5.01 SP4/6.0/6.0 SP1/6.0 SP2 for Windows 98/98 SE/NT4 SP6a/2000/ME/XP/2003 Vector Markup Language (VML) VGX.DLL Security Vulnerability Fix (English):
http://www.microsoft.com/technet/security/...n/ms06-055.mspx
- MS IE 6.0 SP1 Patch for Windows 2003/2003 SP1/2003 R2 [892 KB]:
http://download.microsoft.com/download/a/3...486-x86-ENU.exe
- MS IE 6.0 SP2 Patch for Windows XP SP2 [784 KB]:
http://download.microsoft.com/download/9/b...486-x86-ENU.exe
- MS IE 6.0 SP1 Patch for Windows XP SP1 [803 KB]:
http://download.microsoft.com/download/9/d...sXP-x86-ENU.exe
- MS IE 6.0 SP1 Patch for Windows 2000 SP4 [1.42 MB]:
http://download.microsoft.com/download/3/b...000-x86-ENU.exe
- MS IE 5.01 SP4 Patch for Windows 2000 SP4 [1.22 MB]:
http://download.microsoft.com/download/c/b...sp4-x86-ENU.exe
- Unofficial MS IE 6.0/6.0 SP1 Patch for Windows 98/98 SE/NT4 SP6a/ME [1.03 MB]:
http://www.mdgx.com/files/IE925486.EXE

More info: http://www.isotf.org/zert/
Test VML: http://www.isotf.org/zert/testvml.htm

the_guy: Unofficial IE925486.EXE installs on 98FE, 98SE, ME + NT4, only with MS IE 6.0 or 6.0 SP1 installed.

HTH

Edited September 27, 2006 by MDGx