A new zero-day exploit in Internet Explorer making the rounds has security experts from Microsoft and Google on their heels. The drive-by flaw is being used to gain access to Gmail accounts and remains unpatched as of writing, although Microsoft has issued a downloadable tool to block the exploit from being used.
Recommendations:
· IE users are encouraged to download a tool that blocks the attack vector while a full patch is being developed.
· Using the Enhanced Mitigation Experience Toolkit which helps to prevent software vulnerabilities.
· set up Internet Explorer to provide a prompt before running Active Scripting or disabling Active Scripting in the Internet and Local intranet security zone.