If you've been paying attention, there's been quite a bit of confusion over which mitigation technique is best for protecting computers at risk from the severe flaw reported last weekend. Yesterday, Microsoft updated Security Advisory 2963983 to, hopefully, cut through the confusion and give clearer direction and a distinct set of workarounds.
The Security Advisory updates include a clarification about Enhanced Protected Mode, better-defined and more complete steps for unregistering a system file, and the removal of one workaround that was the cause of most of the confusion and chaos.
Per the FAQ, the Security Advisory was updated in the following manner:
- To clarify that the Enhanced Protected Mode workaround applies to both Internet Explorer 10 and Internet Explorer 11.
- To update the workaround steps for the Unregister VGX.DLL workaround to include running the command from an elevated command prompt and instructions for running the command for both 32-bit and 64-bit systems.
- To remove the Access Control List on VGX.DLL workaround. This workaround will still help protect users from the vulnerability, but it is no longer recommended by Microsoft because it has the same effect as the Unregister VGX.DLL workaround and is harder to deploy.
The full Security Advisory is here: Microsoft Security Advisory 2963983