While everybody waits for an Internet Explorer 10 patch to fix the recently discovered Flash glitch, Microsoft today rolled out a new security advisory aimed at IE 9 users.
The company hasn't yet released a downloadable patch, but instead it provided three essential steps
for all Internet Explorer 9 users who may be exposed to online attacks whenever they are loading a websites hosting malicious code.
Most of the attacks actually come down to installing the Poison Ivy backdoor trojan whenever a vulnerable user loads an infected website. Windows XP, Vista and 7 running IE 7, 8 and 9 are all affected.
Upgrading to Internet Explorer 10 is the easiest way to stay on the safe side, since this particular version isn't affected by this glitch, but Microsoft also recommends users to download and install the Enhanced Mitigation Experience Toolkit (EMET)
In addition, the company recommends users to “set Internet and local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones” and “Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones.”
Downloading and installing EMET won't affect the browsing experience at all, but instead it will prevent malicious content from exploiting the recently-discovered flaw. A standalone patch, however, will be released very soon, as Microsoft's security department is already working on it.
At the same time, the Redmond-based software giant is also developing a security update to address an issue found in Internet Explorer with Flash installed on Windows 8. The company initially planned to release an update together with the final version of Windows 8
on October 26, but according to recent statements, the patch should be released “anytime soon.”