Microsoft Tells IE Users how to Defend Against Zero-day Bug

Microsoft has yet to patch its latest critical Internet Explorer zero-day security flaw, but an advisory about the bug now offers two temporary solutions. Updated on Monday, Microsoft Security Advisory 2963983 offers new information about the new zero-day vulnerability that affects all versions of Internet Explorer. The flaw could allow remote code execution and has already been used in "limited, targeted attacks," Microsoft revealed, though those attacks have so far affected only IE versions 9, 10, and 11.

Microsoft explains how to enable Enhanced Protected Mode (EPM) in the "suggested actions" section of its advisory. The steps are outlined as follows:

1. To enable EPM in IE 10 or 11, click the Tools menu and then click Internet options.
2. In the Internet Options window, click the Advanced tab.
3. Scroll down the list of options until you see the Security section.
4. Look for the option to Enable Enhanced Protected Mode and click its checkbox to turn it on.
5. If you're running IE 11 in a 64-bit version of Windows, you also need to click the checkbox to Enable 64-bit processes for Enhanced Protected Mode.
6. Restart IE to force the new setting to take effect.