Date: 04.28.14 - 11:01am
Well we have finally reached that point where XP has reached its end of life and a new Internet Explorer exploit has reared its ugly head.
From this point forward it is no longer safe to use IE8 anymore. (Actually it wasnt before either since in reality this bug has existed for a decade or so but thats another article)
So if you still have an old XP machines out there in use, you need to either trust your users to not use it, or you should look to disable it in some way. Microsoft will never fix this bug for IE running on XP.
You cant just delete it or rename it because it is protected with Windows File Protection. You could disable WFP and then do stuff..but thats pretty heavy handed.
If you have Windows XP Pro, the best approach I have found, is to set a security policy blocking access to iexplore.exe. If you used the NTFS file system, you could alternatively remove read/execute access to the file.
Another option, is to launch control panel and use the "Set Program Access and Defaults", however I do not like this approach as it only sets the file to hidden and removes the shortcut and does nothing to actually block it from running.
For XP Pro users, you can set the security policy with the following steps:
When you first run it, it will register itself to run on system startup. It will not display any user dialogs unless it finds a running IE process, or encounters an error. It takes very little processor resources or memory as well. You can download the application and vb6 source code here