Detecting Vector Markup Language (VML) issues on Windows Systems
Yesterday, Tenable's research group released Nessus plugin #22449 which can detect Windows systems that are missing a set of patches covered in Microsoft bulletin MS06-055. This patch fixes security issues related to Outlook and Internet Explorer's use of the Vector Markup Language APIs. Systems with this vulnerability are exposed to exploitation from visiting hostile web pages or receiving email designed to exploit the flaws in VML. The plugin is a patch audit and requires domain credentials to analyze the remote system. This plugin is available to all Direct Feed subscribers and Security Center users.
Related Articles
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!