The SANS Internet Storm Center has downgraded its Internet security rating from "Green" to "Yellow" this afternoon, amid reports of rampant exploitation of the VML (Vector Markup Language). Web-based attacks using the new exploit were first reported by antispyware vendor Sunbelt Software on Monday. The SANS Internet Storm Center has downgraded its Internet security rating from “Green” to Yellow this afternoon, amid reports of rampant exploitation of the VML (Vector Markup Language). Web-based attacks using the new exploit were first reported by antispyware vendor Sunbelt Software on Monday. Since then, the attack — which was at first thought to affect only the Internet Explorer Web browser, has been found to also be able to exploit some versions of Microsoft’s Outlook email client, which have been used in phishing email attacks. SANS writes that attacks using the VML exploit, and raised its threatcon to Yellow today so that readers would “consider fixes.” “The exploit is widely known, easy to recreate, and used in more and more mainstream websites. The risk of getting hit is increasing significantly.”What fixes you say? Funny you should ask. First off, a new and unofficial patch for the VML hole is circulating from a group of respected security researchers that calls itself ZERT, for Zero Day Emergency Response Team. Microsoft has issued an advisory on the VML issue here. For those disinclined to apply the unofficial patch, SANS recommendsOutlook (including outlook 2003) is – as expected – also vulnerable and the email vector is being reported as exploited in the wild as well.-Updating your antivirus software, make sure your vendor has protection for it. -Unregistering the following vulnerable dll:regsvr32 -u “%ProgramFiles%Common FilesMicrosoft SharedVGXvgx.dll”or regsvr32 /u “%CommonProgramFiles%Microsoft SharedVGXvgx.dll”-Stop using IE.Good luck! Security