With the pending death of all versions of Internet Explorer prior to version 11 this January, Microsoft is making options available in its software to help enterprises eliminate potentially dangerous software.
After January 12, 2016, Microsoft will no longer provide security updates or technical support for older versions of Internet Explorer. Security updates patch vulnerabilities that may be exploited by malware, helping to keep users and their data safer. Regular security updates help protect computers from malicious attacks, so upgrading and staying current is important.
But, Microsoft is inherently aware that organizations move slowly – even with fair warning. So, to help companies protect the environment while using unsupported versions of Internet Explorer, it has delivered a new opt-in feature called Potentially Unwanted Application (PUA) protection. The feature is available for customers running System Center Endpoint Protection (SCEP), or Forefront Endpoint Protection (FEP) and when enabled and can be deployed as a policy through Configuration Manager or through Group Policy. When enabled, unwanted applications can be blocked during download so installation is never even accomplished.
To learn how to turn on and configure this policy, see here: How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager