From ZDNET.com

A supercritical zero-day IE flaw has been released in to the wild by a reckless British company. There are no patches available as of 11/22/2005. Here is what you can do now to protect yourself. You must disable "Active Scripting" on all Windows computers running Internet Explorer 5.5 or 6.0 even if you have Windows XP SP2 installed.

Open Internet Explorer and hit the "Tools" menu and click "Internet options". Jump to the "Security" tab, highlight "Internet" and click "Custom Level".



This is what you would normally see if you scrolled down to "Scripting" section. This is NOT safe!



Change it to the following settings and click "OK"



Although this will protect you from malicious websites, it can break certain web pages. To avoid this in the future. you just need to make sure they're listed under your "Trusted sites" group. To add a trusted site, highlight "Trusted sites" and then click the "Sites" button.



To add a site, just type *.my_favorite_domain.com" and click "Add".



Close everything out and your home PC will protected against this new exploit.

this article originally appeared on ZDNET.com November 22, 2005, Posted by George Ou