In its security updates Patch TuesdayThe Microsoft has added a new option to Windows that allows system administrators to disable JScript in Internet Explorer.
The JScript scripting engine is an old element that was first included in Internet Explorer 3.0 in 1996 and in the Microsoft dialect for the ECMAScript standard (JavaScript language).
Over the years, the maliciousUsers realized they could attack JScript since Microsoft did not update it often.
The CVE-2018-8653, CVE-2019-1367, CVE-2019-1429 and CVE-2020-0674 are some of the recent 0days for JScript that Microsoft has encountered over the past three years.
Now, 11 years later Microsoft is finally giving system administrators a way toactivationof JScript by default.
According to Microsoft, Patch Tuesday October 2020 brings new keys in the Windows registry that system administrators can change to block file jscript.dll.
How can this happen:
Open run with search, and type regedt32 or regedit.
To turn off JScript in Internet Zone, you need to find the following key in Registry Editor:
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\140D
Locate the following subkey in Registry Editor:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Internet Settings \ Zones \ 4 \ 140D
Right-click the registry subkey, and then click Modify.
In Edit DWORD (32-bit) value, type 3.
Click on button OK and then restart Internet Explorer.
