ISA Server Product Team Blog : Blocking VML with ISA 2004 & ISA 2006

Published 26 September 06 06:31 PM | tristank 

The VML issue is still a hot topic in internal discussion. If you're an ISA Server admin, please take a look at the following information to help mitigate the risk:

http://www.microsoft.com/technet/security/advisory/925568.mspx discusses a vulnerability in the VML parsing DLL which can result in an unpleasant experience.

http://www.microsoft.com/technet/isa/2006/how-to-block-vml.mspx discusses a methodology by which you can use ISA 2004 or ISA 2006 to block HTTP-based attacks targeted against this vulnerability.

Finally, http://isatools.org/block_vml.vbs automates the process of creating the proper HTTP Filter settings for you.

Tim's report was accurate (see my comments). I've updated the script to version 1.2 and reposted it. Many thanks to Tim for his discovery.

Thank you,

Jim Harrison (ISA Sustained Engineering)

Link to ISA Server Product Team Blog : Blocking VML with ISA 2004 & ISA 2006
