Administrators are advised to apply the appropriate updates.
Administrators may consider configuring Internet Explorer to prompt users before running Active Scripting or ActiveX controls by setting the Internet and Local Intranet security zone settings to High. Alternately, administrators could disable Active Scripting and ActiveX controls in these security zones.
Users are advised to run applications with the least necessary privileges.
Users should verify that unsolicited links are safe to follow.
Users are advised not to visit websites or follow links that have suspicious characteristics or cannot be verified as safe.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.