CERT 876678 - Microsoft Internet Explorer createTextRange vulnerability
CERT has issued the following bulletin with information and links related to the new unpatched vulnerabilities recently discovered in Internet Explorer.
Disable Active Scripting
Known attack vectors for this vulnerability require Active Scripting to be enabled. By disabling Active Scripting, the chances of exploitation are reduced. For instructions on how to disable Active Script in Internet Explorer, please refer to the Internet Explorer section of the Securing Your Web Browser document.
Additional workarounds are available in Microsoft Security Advisory 917077.