k lets get off the mark
1) Goto start/control panel/security center/manage security settings/
automatic updates/turn off auto updates.
2) Download service pack 2, google for it just don't use a microsoft site.
Use downloads .com or something similar
3) Go back to step 1) and repeat except set the last option to /download updates, but i will choose when to install them.
4) Goto Microshite .com (ok some might not see the joke microsoft) using exlorerer 6 and goto microsoft updates.
5) Install the active x
6) Download the updates using express installation not custom, i think theres only handful i cant remember.
7) Restart and the windows updates should start again automatically and let you know when to install them. There should be around 82 in total depending what you are running i suppose but every pc i do has around the same but i suppose thats because i set most home user pc's up one particular way in one particular order.
Restart the computer when asked then go back to step 1 and repeat.9) Download explorer 7 from the microsoft web page without downloading from the update section
not through the update page as that makes you down load the WGA tool first!!!
10) go to
and check your system
You will notice there is one Microsoft update missing This is the WGA tool. If there are any more like flash player goto the site needed and do the updates
You will also notice that Internet explorer is now installed with out add-ons so now no active x objects can be installed. Who cares use firefox
If you would like to use explorer 7 and want the add-ons well theres a bit of messing about but not too much so just follow the instructions and all will be fine.
11) Goto start/run/ and type GPEDIT.MSC
12) Goto Computer Configuration/Administrative Templates/Windows Components/Internet Explorer/Add-on Management
13) Right click Deny all add-ons unless specifically allowed on list properties/ set to disabled.
14) check using
and you will now find there are 2 updates need to be installed the WGA tool (KB942615) and also
KB938127 or (MS07-050). Ok we know we can ignore the first of the two so lets look at the latter.
14 august, 2007
Microsoft Security Bulletin MS07-050 - Critical
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)
Published: August 14, 2007
Version: 1.0
General Information
Executive Summary
This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
The security update is rated critical for supported releases of Internet Explorer 5.01, Internet Explorer 6, and Internet Explorer 7. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerability by strengthening the validation of requests to render VML within Internet Explorer. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information.
Recommendation. Microsoft recommends that customers apply the update immediately.
Known Issues. Microsoft Knowledge Base Article 938127 documents the currently known issues that customers may experience when they install this security update. The article also documents recommended solutions for these issues.
Top of section
Affected and Non-Affected Software
The software listed here has been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.
Affected Software
Operating System Component Maximum Security Impact Aggregate Severity Rating Bulletins Replaced by This Update
Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1
Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 5.01 Service Pack 4
Remote Code Execution
Critical
MS07-004
Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1
Remote Code Execution
Critical
MS07-004
Internet Explorer 6
Windows XP Service Pack 2
Microsoft Internet Explorer 6
Remote Code Execution
Critical
MS07-004
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Microsoft Internet Explorer 6
Remote Code Execution
Critical
MS07-004
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Microsoft Internet Explorer 6
Remote Code Execution
Critical
MS07-004
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Microsoft Internet Explorer 6
Remote Code Execution
Critical
MS07-004
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Internet Explorer 6
Remote Code Execution
Critical
MS07-004
Internet Explorer 7
Windows XP Service Pack 2
Windows Internet Explorer 7
Remote Code Execution
Critical
MS07-004
Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Windows Internet Explorer 7
Remote Code Execution
Critical
MS07-004
Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Windows Internet Explorer 7
Remote Code Execution
Critical
MS07-004
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Windows Internet Explorer 7
Remote Code Execution
Critical
MS07-004
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Windows Internet Explorer 7
Remote Code Execution
Critical
MS07-004
Windows Vista
Windows Internet Explorer 7
Remote Code Execution
Critical
None
Windows Vista x64 Edition
Windows Internet Explorer 7
Remote Code Execution
Critical
None
lets look a bit more
Vulnerability Information
Severity Ratings and Vulnerability Identifiers
Vulnerability Severity Rating and Maximum Security Impact by Affected Software
Affected Software VML Buffer Overrun Vulnerability - CVE-2007-1749
Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Critical
Remote Code Execution
Internet Explorer 6 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4
Critical
Remote Code Execution
Internet Explorer 6
Internet Explorer 6 for Windows XP Service Pack 2
Critical
Remote Code Execution
Internet Explorer 6 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Critical
Remote Code Execution
Internet Explorer 6 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Critical
Remote Code Execution
Internet Explorer 6 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Critical
Remote Code Execution
Internet Explorer 6 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Critical
Remote Code Execution
Internet Explorer 7
Internet Explorer 7 for Windows XP Service Pack 2
Critical
Remote Code Execution
Internet Explorer 7 for Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
Critical
Remote Code Execution
Internet Explorer 7 for Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
Critical
Remote Code Execution
Internet Explorer 7 for Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
Critical
Remote Code Execution
Internet Explorer 7 for Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
Critical
Remote Code Execution
Internet Explorer 7 in Windows Vista
Critical
Remote Code Execution
Internet Explorer 7 in Windows Vista x64 Edition
Critical
Remote Code Execution
Top of section
VML Buffer Overrun Vulnerability - CVE-2007-1749
A remote code execution vulnerability exists in the Vector Markup Language (VML) implementation in Microsoft Windows. An attacker could exploit the vulnerability by constructing a specially crafted Web page or HTML e-mail. When a user views the Web page or the message, the vulnerability could allow remote code execution.
So how can we get round this with add-ons installed?
Unregister VGX.DLL
1. Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.
2. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.
Impact of Workaround: Applications that render VML will no longer do so once vgx.dll has been unregistered.
This security update does not automatically re-register vgx.dll so any applications that render VML will no longer do so until vgx.dll has been re-registered. To re-register vgx.dll follow, these steps:
1. Click Start, click Run, type "%SystemRoot%\System32\regsvr32.exe" "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll", and then click OK.
2. A dialog box appears to confirm that the registration process has succeeded. Click OK to close the dialog box.
• Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones
You can help protect against this vulnerability by changing your settings for the Internet security zone to prompt before running ActiveX controls. You can do this by setting your browser security to High.
To raise the browsing security level in Microsoft Internet Explorer, follow these steps:
1. On the Internet Explorer Tools menu, click Internet Options.
2. In the Internet Options dialog box, click the Security tab, and then click the Internet icon.
3. Under Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High.
Note If no slider is visible, click Default Level, and then move the slider to High.
Note Setting the level to High may cause some Web sites to work incorrectly. If you have difficulty using a Web site after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High.
Impact of workaround: There are side effects to prompting before running ActiveX Controls and Active Scripting. Many Web sites that are on the Internet or on an intranet use ActiveX or Active Scripting to provide additional functionality. For example, an online e-commerce site or banking site may use ActiveX Controls to provide menus, ordering forms, or even account statements. Prompting before running ActiveX Controls or Active Scripting is a global setting that affects all Internet and intranet sites. You will be prompted frequently when you enable this workaround. For each prompt, if you feel you trust the site that you are visiting, click Yes to run ActiveX Controls or Active Scripting. If you do not want to be prompted for all these sites, use the steps outlined in "Add sites that you trust to the Internet Explorer Trusted sites zone”.
Add sites that you trust to the Internet Explorer Trusted sites zone
After you set Internet Explorer to require a prompt before it runs ActiveX controls and Active Scripting in the Internet zone and in the Local intranet zone, you can add sites that you trust to the Internet Explorer Trusted sites zone. This will allow you to continue to use trusted Web sites exactly as you do today, while helping to protect you from this attack on untrusted sites. We recommend that you add only sites that you trust to the Trusted sites zone.
To do this, follow these steps:
1. In Internet Explorer, click Tools, click Internet Options, and then click the Security tab.
2. In the Select a Web content zone to specify its current security settings box, click Trusted Sites, and then click Sites.
3. If you want to add sites that do not require an encrypted channel, click to clear the Require server verification (https:) for all sites in this zone check box.
4. In the Add this Web site to the zone box, type the URL of a site that you trust, and then click Add.
5. Repeat these steps for each site that you want to add to the zone.
6. Click OK two times to accept the changes and return to Internet Explorer.
enjoy
*bumping this to add a bit more*
After doing this you will now find that windows security is running and is permanently red.
To get rid of this annoying icon do this.
1. Goto start/control panel/performance and maintenance/administration tools/ services/windows security center/right click properties and disable
2. Goto start/control panel/performance and maintenance/administration tools/ services/automatic updates/right click properties and disable
Now when you run spybot it will find this done as spyware but don't worry about it. Just set the scan not to include that file on future scans.
