-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 List Readers: I've posted a new blog entry on SecuriTeam regarding the Internet Explorer VML issue: http://blogs.securiteam.com/index.php/archives/624 It details mitigation steps you can take to prevent or mitigate the exploitation of this vulnerability, with particular relevance to the in-the-wild exploits we've seen targeting this issue. The new workarounds/mitigations include: * Software-enforced DEP on Windows XP SP2 * Running with limited privilege * Using Software Restriction Policies to achieve this on XP SP2. Please direct any comments to me off-list or to the blog post. Regards, Matt Murphy -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060) Comment: New (15 May '06) Key: Fetch from pgp.mit.edu; ID=0x2257C33F iQIVAwUBRRGaZnXzqEAiV8M/AQpF+hAAmncQxqC2IAzfyrLVai43waz+CLnuwEOt QLEfbADCDzQHVPI4fX3G2jCthue7L4/6po506pOL7FR/fiLwE97UdG0nPuxWlYyr C7KMbnkRIji+XqMayzDyEQ//0eiFIMY8rkODZJQCz3oIK3V3hNMtNFZ4+fTmKDzQ H2ce3SyxgJkPCf0Pu18DfywvgycxyZHmIvat32fGw5GlUF9MD8wS8/cCRHUO6IFH r2gp54fUiZr90FWoUVbCmxB+6T9p0hSc4nVIvO08t/LmrxXuwq2paoW/K/Ddo6E8 cObMuT2XA11O9vSygE7G8FKSrTpzFB6UEYkLhJJteyuTWmJVf6kqAXRVB3JNXbxN I36DaQ3iVywGiouSD/8TD9qwWlzSzmGdKtYbFsSve1RCmje3rZsFJF7wiMTkwM+w LMmyJBAHA7iWKrCwmbDwKk0ERU5mVoY1r/1lM+GwwtZ4v76+fToJI1pIFQcKJEeH btpNLOF+PbjqTjpv19Cww0lx46JNxJXvbmNppi+V7+Wk7p09qNQid+0QqFAQxIg1 HNoMHJWmJI57BTAtiqO+6sIAlCh6dpP/GMW3FoJvWqIeLkM6DeYxnyWdqGWTGUNY us1g6XPo/3KYl7DQBb3IdCY/xt4PhpBTyYXv7qts/O/NM0gmQvae2DpWVEwhfHgQ l6AufCINsUA= =VIUn -----END PGP SIGNATURE-----
