"Attackers could exploit the bug to remotely control a PC, and so users are being urged to download updates." So no bad guy has taken advantage of this during the 19 years "but worked with Microsoft to fix the problem before going public." Good, other "researchers" should do the same.
Solutions and Recommendations From MrBrians's link My solution Install a Script intercepter/blocker such as ScriptDefender http://www.analogx.com which works fine on, for eg my XP/SP2. Try it on your OS
From the article: Microsoft Security Bulletin MS14-064 - Critical https://technet.microsoft.com/en-us/library/security/ms14-064 It appears that if you don't use Internet Explorer, this exploit on a web page won't run. ---- rich