Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Tuesday, September 26, 2006

My Emergency Windows Update Plan

What scares you more? A flaw in Windows that could allow an attacker to compromise your computer or a solution downloaded to your computer which Microsoft has had less a week to figure out and test.  Believe it or not, the 2nd choice scares me more.

Here’s what Microsoft says today at update.microsoft.com:

A security issue has been identified in the way Vector Markup Language (VML) is handled that could allow an attacker to compromise a computer running Microsoft Windows and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

According to our friends at Sunbelt this new zero-day exploit was initially found on porn sites last week and has now migrated to Yahoo greeting cards.  Along with other great information, Alex Eckelberry offered my favorite suggestion; Disable VML. “Not having VML support is not a big deal as not many websites use it.”

Click on the Start menu and select Run…
To Disable VML copy and paste the following.
regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll”

To ReEnable use the following command…
regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll”

So here’s my plan.
I have already run the VML Disable command on all my systems.  (Thanks Alex)  I’m going to stay clear of Russian porn sites and won’t be tempted to click on any Greeting cards.  This won’t be hard for me since I don’t typically visit porn sites or trust greeting cards anyway.

Luckily, I also have my systems setup so they don’t automatically download and install Windows updates. I’m not going install todays patch from Microsoft because a week long development cycle just scares me more. I’m going to wait 10–14 days until I’m sure no new bugs are introduced.  At that time, I will Re-Enable VML and install the Microsoft update. Sound Good?

Microsoft Security Bulletin MS06–055

Share on Facebook


2 Comments:

Anonymous Anonymous said...

Thanks for the warning about the Microsoft patch. Thanks for the info about unregistering the dll.

Gonna turn off my auto updates right quick.

7:55 PM  
Anonymous Anonymous said...

This has been my Microsoft update routine for a couple of years; after getting in some predicaments downloading them right away. Several updates, I never did install. I usually wait 3-4 weeks, at which time Microsoft seems to get them right. In addition to Winpatrol Plus, I run my virus checker, ad-aware, and spybot daily...and have a switching router with firewall, and check my hosts file frequently. I also use Registry Fixer in an Older Ontrack Fixit Utilities to make find and repair or delete files and shortcuts and other items that are missing, or are not where they are supposed to be. What a pain in the butt it is to use Microsoft products.]

DCStrain

10:48 PM  

Post a Comment

<< Home