Microsoft updates advice on Internet Explorer’s zero-day flaw
Microsoft has announced an update to its security advisory for the recently disclosed zero-day flaw discovered in its Internet Explorer browser, clarifying the various suggested workarounds.
The flaw, identified as CVE-2014-1776, is said to affect all versions of Internet Explorer from 6 to 11, although FireEye Research Labs, which first spotted it, has only observed attacks in the wild affecting versions 9, 10 and 11. The threat isn’t quite as nightmarish as some have made out – CVE-2014-1776 uses Adobe Flash as an attack vector, and it requires visiting a specially crafted website in order to be exploited.
Previously, Microsoft said the best workaround while we’re waiting for a patch is to use Enhanced Protected Mode, a feature that’s found in IE 10 and 11 on 64-bit systems. Now, however, Microsoft has updated this advice to say this fix “…will help protect users of Internet Explorer 10 on Windows 7 for x64-based systems, Windows 8 for x64-based systems, and Windows RT, and Internet Explorer 11 on Windows 7 for x64-based systems, Windows 8.1 for x64-based systems, and Windows RT 8.1.”
There’s a second workaround too, which is to alter the Access Control List (ACL) on VGX.DLL, an Internet Explorer program file whose file description is “Vector Graphics Rendering (VML)”. Microsoft says to unregister the DLL with the following command line: “%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll”.
This is just as effective as the ACL method, but easier to execute and undo. The advisory also provides advice for reversing the ACL method.
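The unregister workaround and its undo can be scripted as below. This is an added example, not text from Microsoft's advisory or from this article: it assumes the standard `regsvr32` switches `/u` (unregister) and `/s` (silent), and it also covers the 32-bit copy of the DLL under `%CommonProgramFiles(x86)%` on 64-bit Windows, a path the article does not mention.

```powershell
# Added example: toggle registration of vgx.dll as a temporary mitigation.
# Run from an elevated PowerShell prompt. Pass -Undo to re-register the DLL.
param([switch]$Undo)

$regsvr32 = Join-Path $env:SystemRoot 'System32\regsvr32.exe'

# Path from the article, plus the 32-bit copy on 64-bit Windows (assumption:
# it sits at the same relative location under CommonProgramFiles(x86)).
$roots = @($env:CommonProgramFiles, ${env:CommonProgramFiles(x86)}) |
    Where-Object { $_ } | Select-Object -Unique

$principal = New-Object Security.Principal.WindowsPrincipal(
    [Security.Principal.WindowsIdentity]::GetCurrent())
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script elevated; regsvr32 needs to write to HKLM.'
}

$failed = 0
foreach ($root in $roots) {
    $dll = Join-Path $root 'Microsoft Shared\VGX\vgx.dll'
    if (-not (Test-Path -LiteralPath $dll)) {
        Write-Output "skip $dll (not present)"
        continue
    }

    # /s = silent, /u = unregister; without /u regsvr32 registers the DLL.
    $regArgs = @('/s')
    if (-not $Undo) { $regArgs += '/u' }
    $regArgs += "`"$dll`""   # quote the path, it contains a space

    $p = Start-Process -FilePath $regsvr32 -ArgumentList $regArgs -Wait -PassThru
    if ($p.ExitCode -eq 0) {
        $action = if ($Undo) { 'registered' } else { 'unregistered' }
        Write-Output "$action $dll"
    } else {
        Write-Warning "regsvr32 exit code $($p.ExitCode) for $dll"
        $failed++
    }
}

# Non-zero exit lets deployment tooling flag hosts where the change failed.
exit $failed
```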
Besides these methods, it’s still possible to mitigate attacks by deploying Microsoft’s EMET (Enhanced Mitigation Experience Toolkit) version 4.1. Because the vulnerability currently needs to exploit Flash in order to work, disabling the Flash plugin should also mitigate attacks – however, this method may not be reliable for long, if hackers can find other ways to utilize the vulnerability without Flash.
That’s not enough to convince government security response teams, however. In light of Microsoft’s decision to end support for Windows XP, US CERT says that those who are unable to follow the above recommendations should “consider employing an alternate browser”, while Sweden and the UK’s CERTs have both given similar advice.
“Users should also consider using alternative browsers, such as Google Chrome and Mozilla Firefox; and ensure that their antivirus software is current and regularly updated,” said CERT-UK in its advisory.