Microsoft adds option to disable JScript in Internet Explorer

In the October security update, Microsoft has added an option that will allow system admin to disable JScript in Internet Explorer. From now a system administrator can disable JScript component.

JScript was first supported in Internet Explorer 3.0. JScript development was stopped after Internet Explorer 8.0 release but the engine remained in the OS as a legacy component inside IE. The original JScript is an Active Scripting engine.

A lot of people think that JScript and JavaScript are different but similar languages. That’s not the case, they are just different names for the same language, and the reason the names are different was to get around trademark issues

Since Microsoft wasn’t active on JScript malicious attacker realised that they can attack the JScript engine and over past years threat actors were actively exploiting CVE-2018-8653, CVE-2019-1367, CVE-2019-1429, and CVE-2020-0674 most recent JScript zero days.

After Microsoft ships the emergency security patch a proof of code is also uploaded on the GitHub and these vulnerabilities goes into the exploit bag of the exploit developers.

Now Microsoft is finally giving system administrators a way to disable JScript execution in Internet Explorer by default. 

In the October 2020 patch, Microsoft released registry keys that system admins can apply and block the jscript.dll from execution codes.

Here are the steps to disable JScript in Internet Explorer as taken from Microsoft documentation.

Step 1: Press Ctrl+R and type regedt32 or regedit, and then click Ok

Step 2: To disable JScript execution in Internet Zone locate the following registry subkey in Registry Editor:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\140D

Step 3: Right-click on appropriate registry subkey, and then click on Modify.

Step 4: In the appropriate subfolder, create a registry value of type DWORD and name it EnableJScriptMitigation.

Step 5:In the Edit DWORD (32-bit) Value dialog box, type 1.

Step 6: Click Ok.

Satender Kumar

A tech Blogger always fascinated with the technology and gather as much amount of knowledge from the internet. Loves to share the knowledge with the others.

Leave a Reply

Your email address will not be published. Required fields are marked *