How Bad Things Happen More Unpatched VML Stuff...

From Websense-Blog comes a movie showing how the VML flaw would be exploited by malicious websites....

Now that we are seeing VML exploits proliferate the Internet, we thought it would be fun to grab a video capture of what happens when a workstation visits an infected site. We did a similar video when the WMF zero-day was released and our workstation was instantly flooded with Spyware applications and pop-ups galore. It was an impressive sight and obvious that you had just visited an infected site.

So, we fired up our trusty video capture tools and pointed a VMWare workstation at a random site where our miners had recently discovered an iframe containing a VML exploit.

But...what's this? Nothing happened, or so it seemed.

This one is well explained and very simple to understand everyone should check this one out. The blog entry can be found here or if one prefers just go straight to the video as it really drives the potential dangers of the issue home.