Ramblings of an old Doc

 

A weekend blog post from MS about this. Not common at all.

This exploit would allow remote code execution if one visits an affected website, after browser compromise through email or even IM.

IE 10 and 11 are protected from this if they have “Enhanced Protection Mode” turned on. You are also protected if you have EMET 4.1 or 5.0 Tech Preview installed.

“Microsoft says that PC owners should always enable their personal firewall, make sure to have all of the latest software updates for their programs, and have all the most recent anti-virus and anti-malware definitions.

Finally, Microsoft said, " ... we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders." The blog did not have any information on when Microsoft will release a patch that will close this latest IE exploit.” – Neowin

 

Update 1:


MS has confirmed the security hole and workarounds - read more here:

http://www.neowin.net/news/microsoft-confirms-workarounds-for-internet-explorers-major-vulnerability


Source:

http://www.neowin.net/news/microsoft-issues-security-advisory-for-internet-explorer-exploit


Comments (Page 1)
on Apr 27, 2014

Thanks Seth.  

on Apr 27, 2014

e “Enhanced Protection Mode” turned on. Y

Screw 'em. I'm on XP/IE8

on Apr 27, 2014

Thanks Seth.  Will check, don't remember if it's enhanced or not.  I don't browse with IE.... anyway.

on Apr 27, 2014

The truth? I use Chrome...and I have EMET 4.1 - it's free from MS.

on Apr 27, 2014

I use Chrome and never IE 'cause it's butfugly.

on Apr 28, 2014

Has it yet been or can it be determined what systems would the attacks most likely be against (Government, Industry, Home Users)?  I want to apply the appropriate actions to prevent an attack on my system but I don't want to take unnecessary steps.  I have anti-virus and malware programs, each morning I check for updates.  I run full scans once a week and make backups, I also do quick scans every evening before turning off the computer. 

I have turned on Enhanced Protection Mode.

Would I be incorrect in expecting that sites such as Stardock/WinCustomize have already taken necessary and appropriate actions?

on Apr 28, 2014

Philly:

The primary infection comes through email. Then the remote executing code comes in when infected websites are browsed.

It will act on ANY computer, and the damage done depends where the computer is/used for.

Homeland Security, IT experts and yours truly say: Do what you can to fix IE but SWITCH BROWSERS until MS patches IE.

on Apr 28, 2014

Thanks Seth, the dialog box was very counterintuitive.

on Apr 28, 2014

 

Running your computer system(s) from a 'least privilege' perspective (not using the 'admin' account and using the local security policy to lock down privileges further) is and always will be the single most important defensive tactic one can employ to combat malicious code execution (remote or otherwise).  Do yourselves a favour and reserve the 'admin' account for related 'admin duties' and browse/use the computer using a regular (limited privilege) account.  Honestly, every other type of 'precaution' one can think of (switching browsers, adding more security software, performing more scans etc. etc. etc.) combined don't amount to the level of overall system protection one garners through simply running one's PC with 'least privilege'.

 Of course applying any/all related security patches as they become available is always advisable.  No need to leave the barn door open....

@ Doc, as always.......thanks for the info! 

on Apr 28, 2014

SF Chronicle story: The company is working on a fix which it plans to provide in a software update on May 13.

I didn't see anything about IM concerns. I wouldn't know since I don't IM anyone but curious now; is the IM application browser dependent?

on Apr 28, 2014

@ the_Monk: You're not getting away with your cleverly disguised attempt to not prepare the article I want from you.

If you just do a paragraph or two per day, you'll finish with no strain, you know...

And I do agree that the best line of defense is the local and group security policies...so...we all continue to await your tutorial.

 

You're certainly welcome, the_Monk.



@ gmc2:


SF Chronicle story: The company is working on a fix which it plans to provide in a software update on May 13.

I didn't see anything about IM concerns. I wouldn't know since I don't IM anyone but curious now; is the IM application browser dependent?

IM concerns are the same as those for email, namely passing infected files which then compromise the browser (IE) and then, when the browser comes to an infected site, the remote access malware compromises the computer.

on Apr 28, 2014

Thanks for the clarification Doc.
