Unregister VGX.DLL for IE Zero-Day workaround

Post revised 4/30/2014

Over this past weekend (April 27, 2014), there have been numerous reports of another zero-day security flaw with Internet Explorer. Some sites have gone so far as to say :”stop using Internet Explorer” completely until this flaw is fixed.

But given that the vulnerability exists in a now deprecated VML vector graphics format, there is an easy workaround solution that is recommended by Microsoft and others — simply unregister the VGX.DLL system file that is associated with this deprecated format.

To unregister VGX.DLL manually

These instructions should work for XP, Vista, Windows 7, and Windows 8 computers. Before starting, you will need to know if you are running a 32-bot or a 64-bit version of Windows.

  1. Press “WIN“+R keys to display the Run window.
    WIN” = Windows key next to the ALT key. Press the “WIN” key like a Shift key, and then press the letter “R“)
  2. Type (or copy and paste) the following command into the Window, including the double quotes:
    “%SystemRoot%\System32\regsvr32.exe” -u “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll”
  3. Wait for a response window to appear telling you that the command was successful.
  4. If you are running a 32 bit version of windows, you are done.
  5. If you are running a 64 bit version of Windows, you need to repeat steps 1-2-3, but using the following command instead:
    “%SystemRoot%\System32\regsvr32.exe” -u “%CommonProgramFiles(x86)%\Microsoft Shared\VGX\vgx.dll”

For more information:

https://technet.microsoft.com/en-us/library/security/2963983.aspx

http://nakedsecurity.sophos.com/2014/04/27/microsoft-acknowledges-in-the-wild-internet-explorer-zero-day/

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.