Friday, September 22, 2006
VML - The Vulnerable Markup Language
I'm sure everyone has heard the hype surrounding the VML bug in vgx.dll. To start off, this vulnerability is extremely easy to exploit, and it affects just about everyone on the internet in one way or another. The issue is a simple stack-based buffer overflow in the VML implementation that several applications use to render vector graphics. The problem occurs when the vgx.dll library parses a VML fill method tag that contains a long string.
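As an added example (not from the original post), here is a defender-side check for the condition described above: it scans HTML or e-mail markup for VML fill elements whose method attribute is far longer than a legitimate keyword value. The 32-character threshold, the function name and the sample strings are assumptions constructed for illustration.

```python
import re
from html import unescape

# Assumption: legitimate method values are short keywords such as
# "linear sigma"; 32 is a constructed heuristic, not a vendor figure.
MAX_METHOD_LEN = 32

# Start tag of a fill element. The namespace prefix is arbitrary (bound via
# xmlns), and quoted values may contain '>' or be left unterminated.
FILL_TAG = re.compile(
    r'''<(?:[\w.-]+:)?fill\b((?:"[^"]*"?|'[^']*'?|[^>"'])*)''', re.I)
# method="..." / method='...' / unquoted; the closing quote is optional.
METHOD_ATTR = re.compile(
    r'''(?<![\w-])method\s*=\s*(?:"([^"]*)|'([^']*)|([^\s>"']+))''', re.I)


def find_suspicious_fill_methods(markup, max_len=MAX_METHOD_LEN):
    """Return (offset, decoded_length) for each fill tag with an oversized method."""
    hits = []
    for tag in FILL_TAG.finditer(markup):
        attr = METHOD_ATTR.search(tag.group(1))
        if not attr:
            continue
        raw = next(g for g in attr.groups() if g is not None)
        # Measure after entity decoding: character references such as
        # &#65; expand before the renderer sees the value.
        decoded_len = len(unescape(raw))
        if decoded_len > max_len:
            hits.append((tag.start(), decoded_len))
    return hits


# Constructed sample inputs (not captured traffic).
BENIGN = ('<v:rect style="width:100pt;height:50pt">'
          '<v:fill type="gradient" method="linear sigma"/></v:rect>')
ENTITY_PADDED = '<v:rect><v:fill method="' + "&#65;" * 600 + '"/></v:rect>'
UNTERMINATED = '<x:fill method="' + "B" * 300

if __name__ == "__main__":
    for name, doc in [("benign", BENIGN), ("entity-padded", ENTITY_PADDED),
                      ("unterminated", UNTERMINATED)]:
        print(name, find_suspicious_fill_methods(doc))
```

A hit is a reason to quarantine or inspect the content, not proof of an exploit attempt; tune the threshold against your own mail and web traffic.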

Internet Explorer, Outlook, Microsoft Office: all of these products are affected by this vulnerability. The funny thing is that everyone seems to be targeting only Internet Explorer. I think the reason for this is that Internet Explorer was the first product reported to be affected, and no one seems to have thought much about the true ramifications of this issue.

Currently no one has publicly published an exploit for XP SP2. From what I have seen, the issue is extremely easy to exploit for every platform and for every service pack. I myself have an exploit which works under XP SP2 using methods very similar to those of the publicly available exploits. From what I have heard, it seems like there is some malcode out there which has also figured out how to get exploits working on XP SP2.

Microsoft has reportedly stated they plan on releasing a patch but will not do so until their scheduled patch release on the second Tuesday of October. This seems like a long time to wait for such a simple patch. However, this is the main drawback of scheduled patch releases. I have always thought Microsoft should take a more proactive approach and release patches for simple issues a lot sooner than they do. Until that day comes, Microsoft has issued a workaround for this vulnerability.
 
posted by bannedit at Friday, September 22, 2006


2 Comments:


At 6:14 AM, Anonymous

Dude, gimme the exploit, I'll do whatever you want.... if it's in the lines of sanity and out the lines of gayhood

 

At 7:04 PM, Anonymous

Dude, please mail me so I have your email address. I gotta tell something ... plz ... it's kinda important