• ARTICLES
SEARCH

How-To Geek

Protect Yourself from the Latest Internet Explorer Security Hole

Sure seems like you hear the words “IE Security Hole” a lot, doesn’t it? Now there’s yet another security hole, and a malicious website could use it to get access to your files—it’s not a good thing, but here’s some quick tips to protect yourself.

Note that these are all workarounds, and don’t solve the actual vulnerability. These tips are helpful for any IE security hole, though.

Make Sure You Have Protected Mode Enabled

As with most IE security holes, if you’re running Windows 7 or Vista, you should enable Protected Mode, which runs Internet Explorer in something similar to a sandbox—basically it protects you from malicious web pages a little more (though not completely).

Just head into the Internet Options –> Security tab, and click the checkbox.

image 

Set ActiveX Controls to Always Prompt (or Disable Them)

If you just drag the slider in the screenshot above to High, you’ll have disabled ActiveX Controls from automatically running.

image

The unfortunate side effect of this is that you’ll be prompted more often when visiting sites that use ActiveX Controls. Microsoft recommends that you add sites that you really trust to your Trusted Sites list… you’ll probably have to uncheck that “Require https” checkbox at the bottom though.

To add a site to your Trusted Sites, click the Trusted Sites icon shown in the image above, and then click the Sites button, type in the website URL, and click the Add buttons. Clearly trust is a hard thing to earn…

image

Extra: Disable Unnecessary Plugins

Open up Tools –> Manage Add-ons from your IE menu, and then change the drop-down for “Show” to say “All add-ons”. This will then show you a list of all the current add-ons that are enabled, so we can start disabling stuff.

image

At this point you’ll have a massive list of add-ons, and you can start disabling them by clicking on them, and then clicking Disable. Important to note: Adobe Reader seems to have one security hole after another, and if you don’t really need Java you should get rid of it.

image

My general principle is to disable everything I don’t need (or just everything), and then only enable add-ons if I really need them. Bonus: Disabling add-ons is the quickest way to make IE run much faster.

Use Microsoft FixIt to Solve the Problem

One of the best things that Microsoft has come out with in the recent past is the “Fix it” feature on their support site—for many problems, you can simply launch a Microsoft-created utility that will solve your problem right there.

In this case, you can use Fix it to enable Network Protocol Lockdown. Just click the image below to head to the Microsoft site:

image

Use Microsoft Fix it to solve the Latest Security Hole

Read more information about the Latest Security Hole (as of February 4th, 2010)

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 02/4/10

Comments (4)

  1. Bobby Phoenix

    Just to clarify if you are running IE7 or IE8 in protected mode on Vista or Windows 7 this expliot does not concern you. Only if you are running the browsers without protected mode, or an earlier browser, or in XP or earlier, should you be worried.

  2. Yohan Perera

    I am using Google Chrome. But I followed your instructions as a precacution.

  3. 1fastbullet

    Am I mistaken, or didn’t I recently see a browser comparison that rated IE8 more secure than the Fox?

  4. col

    For several years now I have been taking the prevention is better than cure attitude towards IEx

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!