Bize Ulaşın / Contact Us

Internet Explorer

Temporary fix for Internet Explorer Remote Code Execution Vulnerability SA2963983 – CVE-2014-1776

30 / 04 / 2014 by Internet Explorer Yorum yok / No Comments

Temporary fix for Internet Explorer Remote Code Execution Vulnerability SA2963983 – CVE-2014-1776

Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

To help mitigate issues due to CVE-2014-1776, as widely reported in the press, unregister %CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll. This library is required to use Vector Markup Language (VML), a now deprecated vector graphics format previously used in Microsoft Office applications.

 

Unregister VGX.DLL

For 32-bit Windows systems

Important: For this workaround to take effect, you MUST run it from an elevated command prompt.

  1. From an elevated command prompt enter the following command:

    A dialog box should appear after the command is run to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
  2. Close and reopen Internet Explorer for the changes to take effect..

 

For 64-bit Windows systems

Note The following commands must be entered from an elevated command prompt.

  1. From an elevated command prompt enter the following commands:

    A dialog box should appear after each command is run to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
  2. Close and reopen Internet Explorer for the changes to take effect.

 

Please visit the source of this post at  https://technet.microsoft.com/library/security/2963983 for more information and updates about the vulnerability.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">

*

Kontrol / Control * Time limit is exhausted. Please reload CAPTCHA.