Administrators are advised to apply the appropriate software updates.
Administrators may consider configuring Internet Explorer to prompt users before running Active Scripting or ActiveX controls by setting the Internet and Local Intranet security zone settings to High. Alternatively, administrators could disable Active Scripting and ActiveX controls in these security zones.
Administrators are advised to prevent the Office Web Component ActiveX control from running in Internet Explorer by setting the kill bit on the following CLSIDs:
Administrators are advised to unregister the Office Web Components owc10.dll and owc11.dll libraries.
Users are advised not to visit websites or follow links that have suspicious characteristics or cannot be verified as safe.
Users are advised to run applications with the least necessary privileges.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.
Administrators may consider using the Microsoft Baseline Security Analyzer (MBSA) scan tool to identify common security misconfigurations and missing security updates on system endpoints.
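The kill-bit safeguard above can be applied and audited with a short script. The following is an added example, not code from the original advisory. The CLSID in it is a constructed placeholder, and the function name `Set-KillBit` is hypothetical. It assumes an elevated 64-bit PowerShell session. It ORs the kill bit (0x400) into any existing `Compatibility Flags` value rather than overwriting it.

```powershell
# Added example: audit or set the ActiveX kill bit for a list of CLSIDs.
# The CLSID below is a constructed placeholder; use the CLSIDs from the vendor advisory.
$Clsids  = @('{00000000-0000-0000-0000-000000000000}')
$KillBit = 0x00000400   # Compatibility Flags bit that stops IE from instantiating a control

# Native registry view plus the 32-bit view read by 32-bit Internet Explorer on 64-bit Windows
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-KillBit {
    param([string[]]$Clsid, [string[]]$Root, [switch]$AuditOnly)
    foreach ($r in $Root) {
        # Skip a registry view that does not exist (for example, Wow6432Node on 32-bit Windows)
        if (-not (Test-Path (Split-Path $r -Parent))) { continue }
        foreach ($c in $Clsid) {
            if ($c -notmatch '^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$') {
                Write-Warning "Skipping malformed CLSID: $c"
                continue
            }
            $key = Join-Path $r $c
            $current = 0
            if (Test-Path $key) {
                $p = Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
                if ($p) { $current = [int]$p.'Compatibility Flags' }
            }
            $wasSet = ($current -band $KillBit) -eq $KillBit
            if (-not $wasSet -and -not $AuditOnly) {
                # Create the key only when missing, so existing values under it are preserved
                if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
                New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord `
                    -Value ($current -bor $KillBit) -Force | Out-Null
            }
            [pscustomobject]@{
                Key        = $key
                FlagsFound = '0x{0:X8}' -f $current
                KillBitSet = $wasSet -or (-not $AuditOnly)
            }
        }
    }
}

# Report the current state without changing the registry; drop -AuditOnly to apply the kill bit
Set-KillBit -Clsid $Clsids -Root $Roots -AuditOnly | Format-Table -AutoSize
```

Running the audit again after applying the change confirms that `KillBitSet` is true in both registry views for every listed CLSID.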