Today the news is breaking of a new Internet Explorer vulnerability and exploits of this vulnerability are live and actively being used by CyberCriminals. Our first reaction is to STOP USING Internet Explorer – but for some this just isn’t possible.
If you absolutely MUST use Internet Explorer, then we recommend that you change the default behavior from “automatically run” for ActiveX content, to “Prompt” – this will make your everyday browsing a bit more painful, so we suggest running a different browser, and using MSIE only for those sites where you really must use IE.
Here is how to set your ActiveX controls to “prompt” – first open the “Tools” menu, then select “Internet Options” – if you do not see the “Tools” menu – hit your ALT key once, and it should appear:
First step – open your Internet Settings…
Next, select the “Security” tab across the top tabs (in MSIE 11, it is next to General) – now click “Custom Level” to open your “Security Settings” for the Internet Zone – finally – change every ActiveX setting from enable/automatic to “Prompt”:
Second step – open Internet Zone + change enable to prompt or Disable for ‘approved domains’
Finally – click OK and Apply – we recommend restarting your computer to be sure that every browser window is closed and has the new settings.
Another option is to remove Adobe Flash (for which there was a release today) – and – or – Download, install *and* configure, the Microsoft EMET (Enhanced Mitigation Experience Toolkit 4.0) suite.