It won't take more than a few minutes to close a security hole in Internet Explorer that allowed attacks against Google. We show you how.

Following the recent attacks on Google, which lead to the search engine threatening to pull out of China, Microsoft's Internet Explorer has come in for a lot of criticism.

Microsoft has confirmed that an IE vulnerability was at fault for the Google attacks.

Microsoft spells out the details in its Security Advisory (979352) while a blog by Mike Reavey, director of Microsoft's Security Response Center (MSRC) provides more information.

The security advisory notes that IE 5.01 running on Windows 2000 was not vulnerable to the attack, but that IE6, IE7 and IE8 on Windows 2000, XP, Server 2003, Vista, Server 2008, Windows 7 and Server 2008 R2 are all at risk.

As of yet, you can't completely close the security hole.

However, there are ways to limit your exposure, notably using Protected Mode in IE on Windows Vista and Windows 7, and enabling Data Execution Protection (DEP).

Changing your IE security zone to 'High' will help as well.

Protected Mode in IE 7 on Windows Vista and later significantly reduces the ability of an attacker to impact data on a user's machine.

Customers should also enable Data Execution Prevention (DEP) which helps mitigate online attacks. DEP is enabled by default in IE 8 but must be manually enabled in prior versions.

Customers can also set internet and local intranet security zone settings to 'High' to prompt before running ActiveX Controls and Active Scripting in these zones or configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the internet and local intranet security zone.

Unfortunately, though, he doesn't detail how to do that. However, it's all relatively straightforward to do. Here's how.

Turning on Protected Mode

Turning on Protected Mode in IE 7 and IE 8 is exceedingly simple. Select Tools, then Internet Options, and click the Security Tab.

Then check the box next to Enable Protected Mode, as you can see in the screenshot above. You'll have to restart IE for it to take effect.

NEXT PAGE: Changing your security zone

  1. We show you how to close the hole in Microsoft's web browser
  2. Changing your security zone

Related articles:

It won't take more than a few minutes to close a security hole in Internet Explorer that allowed attacks against Google. We show you how.

Changing your Security zone to high

It's also quite simple to change your IE security zone to high. Select Tools and Internet Options, and click the Security Tab.

Then move the slider to High. You won't need to restart IE for this setting to take effect.

Enabling DEP

DEP is enabled by default in IE8. To turn it on in IE7, and to ensure that it's on in IE8, select Tools, Internet Options and click the Advanced tab.

Scroll down until you come to the Security section. Check the box next to 'Enable memory protection to mitigate online attacks' then click ok.

You can see it, below. You'll need to restart IE for the new setting to take effect.

As for IE6, I don't have a copy, so can't tell you how enable DEP from my own first-hand experience.

However, according to About.com, right-click My Computer, select Properties, then choose the Advanced tab.

Under Performance, select settings, then select the Data Execution Prevention tab.

Next, select the option to 'Turn on DEP for all programs and services except those I select'. Click Apply then click OK.

Microsoft has also released a tool that turns on DEP. To use it, go to this page and follow the instructions.

Will taking all these steps keep you safe from the Chinese Google-style attack?

Not completely, but it will keep you safer than if you don't do it. Pretty soon though, expect a patch from Microsoft to fix the problem.

See also: France joins Germany in Internet Explorer boycott

  1. We show you how to close the hole in Microsoft's web browser
  2. Changing your security zone

Related articles: