Protect your browser against the Internet Explorer’s zero-day vulnerability

Microsoft presents some workarounds opposing the zero-day bug that leaves many users vulnerable to malware attacks.  They will soon release a patch for the recent crucial zero-day flaw. However, Microsoft offers momentary solutions for the latest bug that impacted on all Internet Explorer builds. Microsoft Security Advisory 2963983 propose latest information regarding this bug. This weakness lets remote code execution and being utilized in “limited, targeted attacks”. Most probably, this bug is extensive and critical; the US and UK security agencies have alarmed users on using Internet Explorer.

Microsoft advises the users to enable the Enhanced Protected Mode. This feature was introduced in IE 10, allowing the users to affix another layer of security so they can avoid malware from getting into your system. Microsoft describes the following steps on how to enable the Enhanced Protected Mode (EPM):

  1. If you are running Internet Explorer 10 or 11, click the Tools Menu and then go to Internet Options.
  2. Click the Advanced tab under the Internet Options box.
  3. Navigate to the Security Section of the list.
  4. Search for the Enable Enhanced Protected Mode and tick the checkbox beside it to enable it.
  5. If you are running Internet Explorer 64-bit version, tick the same checkbox to enable the Enhanced Protected Mode for 64-bit processes.
  6. Restart your Internet Explorer for the changes to take effect.

Enhanced Protected Mode (EPM) feature is only available in Internet Explorer 10 and 11 running 64-bit versions. Also, there are websites that will not run when it is enabled, not even the add-ons. If you are running older versions of Internet Explorer, don’t worry because there is still a solution. Just unregister the VGX.DLL file.

To unregister the VGX.DLL file in 32-bit PC, you need to run the command with an elevated command prompt:

“%SystemRoot%System32regsvr32.exe” –u “%CommonProgramFiles%Microsoft SharedVGXvgx.dll”

You will be prompted with a dialog box after running the command if the un-registration process is done successfully. Just click OK to close it and then restart Internet Explorer.

To unregister the VGX.DLL file in 64-bit PC, you need to run the command with an elevated command prompt:

“%SystemRoot%System32regsvr32.exe” –u “CommonProgramFiles%Microsoft SharedVGXvgx.dll”

“SystemRoot%System32regsvr32.exe” –u “%CommonProgramFiles(x86)%Microsoft SharedVGXvgx.dll”

You will be prompted with a dialog box after running the command if the un-registration process is done successfully. Just click OK to close it and then restart Internet Explorer.

Alternatively, you can also alter the settings in the Internet security zone to block ActiveX controls and Active Scripting. Just set the security level to high. To do this, follow the following steps:

  1. Click the Internet Options from the Tools menu.
  2. Click the Security tab and click Internet from the Internet Options window.
  3. Adjust the slider from the Security level for this zone and set it to High.
  4. Click the Local Intranet and adjust the slider to High from the Security level for this zone menu.
  5. Click OK and go back to Internet Explorer.

Remember that adjusting the security level to high will make some websites to work erroneously. If it happens and you are sure that the site you are trying to launch is safe, just add that particular site to the trusted sites so it will work properly. To do this, follow the steps below:

  1. Click Tools and then go to Internet Options.
  2. Click Security tab.
  3. Click “Trusted Sites” from the “Select a web content zone to specify its current security settings” and then click the “Sites” option.
  4. If you will add a site that do not need any encrypted channel, untick the “Require server verification (https:)for all sites in this zone” box.
  5. Enter the URL of the trusted site that you wish to add from the “Add this website to the zone” box, and then click Add.
  6. Do the same steps for every website that you wish to add.
  7. Click OK twice and return to Internet Explorer.

Aside from the suggested actions above to avoid the zero-day vulnerability, it is really advisable and more secure if we switch to a different browser until a patch became available.

SHARE

Related Tips