The images and processes listed below are for Windows 7 machines, though the process is almost identical for any version operating system.
What you are going to do is simply modify the security policy of the machine (or domain controller) to prevent access to 16-bit applications. This then disables the “DEBUG.EXE” process, which is what will effectively prevent the attack.
1.) Click START, and then RUN (if the RUN command is not visible in your start menu, simply right click on your start menu and customize the enabled features).
2.) Enter GPEDIT.MSC and press enter. (If you are prevented from accessing GPEDIT, you may not have security rights – OR you are using Windows HOME edition, which does not have this ability, and you will probably need to wait for Microsoft to release a patch)
Access to 16-bit applications disabled
3.) Within the Group Policy Editor, expand to the following;
[Local Computer Policy/Computer Configuration/Administrative Templates/Windows Components/Application Compatibility]
Select the setting “Prevent Access to 16-bit Applications”
Access to 16-bit applications disabled
4.) Select “Enabled” and click OK a few times to close all windows. Then “Log Off”.
Access to 16-bit applications disabled
5.) After logging back in, you can now test to see if it’s working. Click START, and then RUN. This time type CMD and press enter. This should bring up the black command window.
Type DEBUG and press enter. You should get a failure to run notice.
Access to 16-bit applications disabled
That’s it! Enjoy