Why activating NOW in Internet Explorer 11 the Enhanced Protected Mode is important

"Using EMET may break the exploit in your environment and prevent it from successfully controlling your computer. EMET versions 4.1 and 5.0 break (and/or detect) the exploit in our tests.
Enhanced Protected Mode in IE breaks the exploit in our tests. EPM was introduced in IE10.
Additionally, the attack will not work without Adobe Flash. Disabling the Flash plugin within IE will prevent the exploit from functioning.
http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html

this is how you do it

"Enable Enhanced Protected Mode For Internet Explorer 11 and Enable 64-bit Processes for Enhanced Protected Mode

Internet Explorer 11 users can help protect against exploitation of this vulnerability by changing the Advanced Security settings for Internet Explorer. You can do this by enabling Enhanced Protected Mode (EPM) settings in your browser. This security setting will protect users of Internet Explorer 11 on Windows 7 for x64-based systems, and all Windows 8 and Windows 8.1 clients.

 

To enable EPM in Internet Explorer, perform the following steps:

 

  1. On the Internet Explorer Tools menu, click Internet Options.
  2. In the Internet Options dialog box, click the Advanced tab, and then scroll down to the Security section of the settings list.
  3. Ensure the checkboxes next to Enable Enhanced Protected Mode and Enable 64-bit processes for Enhanced Protected Mode (for 64-bit systems) are selected.
  4. Click OK to accept thhanges and return to Internet Explorer.Restart your system .https://technet.microsoft.com/en-US/library/security/2963983 (also some other workarounds)

and from the same source for network administrators

Deploy the Enhanced Mitigation Experience Toolkit 4.1

The Enhanced Mitigation Experience Toolkit (EMET) helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the vulnerability harder to exploit. EMET 4.1 is officially supported by Microsoft. At this time, EMET is only available in the English language. For more information, see Microsoft Knowledge Base Article 2458544.

 

Note EMET 3.0 does not mitigate this issue.

 

For more information about configuring EMET, see the EMET User's Guide:

 

  • On 32-bit systems the EMET User's Guide is located in C:Program FilesEMETEMET User's Guide.pdf
  • On 64-bit systems the EMET User's Guide is located in C:Program Files (x86)EMETEMET User's Guide.pdf

 

Configure EMET 4.1 for Internet Explorer

 

EMET 4.1, in the recommended configuration, is automatically configured to help protect Internet Explorer. No additional steps are required.

 

Configure EMET for Internet Explorer using Group Policy

 

EMET can be configured using Group Policy. For information about configuring EMET using Group Policy, see the EMET User's Guide:

 

  • On 32-bit systems the EMET User's Guide is located in C:Program FilesEMETEMET User's Guide.pdf
  • On 64-bit systems the EMET User's Guide is located in C:Program Files (x86)EMETEMET User's Guide.pdf

 

Note For more information about Group Policy, see Group Policy collection.

The comments are closed.