This morning's SANS diary says that the Infocon level is at Yellow. This happens pretty rarely, and it only elevates for a good reason. In this case, a VML vulnerability and exploit have emerged in the last few days. You can read CERT's description of it here.
There are a number of ways to get around the problem, but Microsoft has suggested a few. You can read their take on things here.
It turns out that one of the methods recommended by Microsoft is actually pretty easily done through Zen for Desktops.
As I said, this is fairly simple to do through ZenWorks. Create a new Application Object and enter the details manually. Put this in the "path to file" field:
Un-register Vgx.dll
%*WINDIR%\System32\regsvr32
And this in the Parameters:
-u "%*ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"
Set it to run in system impersonation and associate it how you will, with a force-run and probably run-once. To undo it once the patch is out or you have confidence that your antivirus vendor will catch the bug, re-registering it the same way is just as easy.
Note: This is just a wild idea, not something we have running. We might, but we have several layers of approvals to get through before we push something like this out to everyone. Feel free to riff on this idea to your own needs.
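The unregister and re-register steps described above, wrapped in one batch script as an added example (not part of the original post or of Microsoft's guidance). The script name `vgx-toggle.cmd` and its `disable`/`enable` arguments are hypothetical; `/s` is regsvr32's silent switch, used so that no message box waits for a click when the job runs unattended.

```bat
@echo off
rem Added example: toggle registration of vgx.dll and report the result.
rem Usage: vgx-toggle.cmd disable   (unregister, the workaround)
rem        vgx-toggle.cmd enable    (re-register once patched)
setlocal
set "VGX=%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll"

rem Map the requested action to regsvr32 switches.
set "FLAGS="
if /i "%~1"=="disable" set "FLAGS=/s /u"
if /i "%~1"=="enable"  set "FLAGS=/s"
if not defined FLAGS (
    echo Usage: %~nx0 disable^|enable
    exit /b 2
)

rem Fail loudly if the DLL is not where this script expects it.
if not exist "%VGX%" (
    echo vgx.dll not found at "%VGX%"
    exit /b 3
)

rem start /wait blocks until regsvr32 exits and passes back its exit code.
start "" /wait "%WINDIR%\System32\regsvr32.exe" %FLAGS% "%VGX%"
if errorlevel 1 (
    echo regsvr32 %FLAGS% failed with exit code %errorlevel%
    exit /b 1
)

echo vgx.dll %~1 succeeded
exit /b 0
```

A non-zero exit code from the script gives the deployment tool something to report on, which the bare regsvr32 call with its dialog box does not.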