
> uninstall adobe flash and silverlight and never use IE.

Alternatively, turn on ActiveX Filtering [1] in IE, whitelist [2] any websites that you need to run ActiveX controls on, make sure your plug-ins are up-to-date and install IE11 if you haven't already.

According to the Cyphort article linked above:

> Cyphort Labs researchers are still in the process of analyzing the Silverlight and flash exploits which exploit a known IE vulnerability (CVE-2013-2551). Angler EK is known to perform file-less injection (memory-based malware where nothing is written to disk).

As you can tell from the CVE number, the exploit used by Angler EK is quite old and doesn't affect IE11 [3] or older versions of the browser that have installed the KB2829530 hotfix [4].

> Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-1309.

[1] http://ie.microsoft.com/testdrive/browser/activexfiltering/a...

[2] http://withinwindows.com/blog/2011/02/10/short-manage-your-i...

[3] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2...

[4] https://technet.microsoft.com/library/security/ms13-037


