Hex Rays
Hex Rays Blog —  State of the art code analysis

ZERT patch

I think you have noticed that the site was down for a while. My web hoster again played the same trick: shut down the site with no notice. I’m leaving them.

While I was busy with all this stuff, the ZERT group has created a patch for the VML vulnerability. These guys did a really great job. Gil Dabah, who programmed the patch, deserves a special mention for his fast coding speed and the robustness of his code.

We all know that third party patches should be taken with caution. They can not be thoroughly tested in many environments as the official patches are. Yet the availability of such a patch is a good thing: at least you have a choice and can protect yourself today, without waiting the preprogrammed patch day.

If you use the Internet Explorer then either unregister vgx.dll (as Microsoft advices it) or install the unoffcial patch. It can be downloaded from http://isotf.org/zert.
UPD: Since the official patch is available, please use it: http:/update.microsoft.com.

Go to top of page