Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Submission + - Microsoft Offers Advice on New IE Zero-Day (

wiredmikey writes: In response to reports of a recently discovered Zero-Day vulnerability targeting versions of Internet Explorer 9 and earlier, Microsoft has confirmed the issue and has offered guidance to customers.

While a patch is developed, Microsoft says that using their EMET tool will mitigate the vulnerability. “Deploying EMET will help to prevent a malicious website from successfully exploiting the issue described in Security Advisory 2757760. EMET in action is unobtrusive and should not affect customers’ Web browsing experience,” Microsoft explained.

In addition, customers can set Internet and Intranet settings to high in order to block ActiveX and Active Scripting. Finally, customers also have the option to configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones.

The advice to use EMET won’t work in some organizations due to compatibility issues. But if switching browsers is an option, it’s a wise alternative, and EMET does have its uses if there are no compatibility issues. So the general advice isn’t wrong, it’s just not one size fits all.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Microsoft Offers Advice on New IE Zero-Day

Comments Filter:

Any sufficiently advanced technology is indistinguishable from a rigged demo.