The Microsoft Internet Explorer Unsupported Version Detection vulnerability when detected with a vulnerability scanner will report it as a CVSSv3 10.
CVSS is a scoring system for vulnerability systems, its an industry standard scoring system to mark findings against a specific number ranging from 0 to 10. They are shown as:
According to its self-reported version number, the installation of Microsoft Internet Explorer on the remote Windows host is no longer supported.
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.
Either Upgrade to a version of Internet Explorer that is currently supported or disable Internet Explorer on the target device.
In most cases organisations would not require having Internet Explorer but on an odd chance that it is required then you must update it. The recommendation is to disable it.
To Internet Explorer using regedit, set the following registry key:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main]
“NotifyDisableIEOptions”=dword:00000001
Note: A restart will be required after making these changes.
To Internet Explorer using gpedit:
Open the Group Policy Editor.
Go to Computer Configuration/Administrative Templates/Windows Components/Internet Explorer.
3. Double-click Disable Internet Explorer 11 as a standalone browser.
4. Select Enabled.
5. Under Options, pick one of the following values:
Never if you don’t want to notify users that IE11 is disabled.
Always if you want to notify users every time they're redirected from IE11.
Once per user if you want to notify users only the first time they are redirected.
6. Open cmd .exe and run the command:
gpupdate /force