Microsoft now lets you disable insecure JScript in Internet Explorer

Must Read
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. In her free time, she is a modest family woman who loves traveling.

After the October 2020 patch, Microsoft has added the option to windows that let system admins disable the JScript element inside the Internet Explorer.

The JScript scripting engine is an old segment that was originally incorporated with Internet Explorer 3.0 in 1996 and was Microsoft’s own language specification in the form of an Active Scripting engine.

With the release of Internet Explorer 8.0 in 2009, development on the JScript engine ended, and the component was depreciated. However, the engine prevailed in all Windows OS versions as a legacy component inside IE.

Over the years, malicious actors recognized that they could target the JScript engine, as Microsoft wasn’t regularly developing it and just occasionally shipped security updates, only while been attacked by malicious actors.

A few of the recent JScript zero-days that Microsoft had to cope with within the last three years are— CVE-2018-8653CVE-2019-1367CVE-2019-1429, and CVE-2020-0674.

Now, 11 years following depreciating the component, Microsoft is eventually offering system administrators a means to disable JScript execution by default on internet explorer.

How to Disable JScript on Internet Explorer

Specifications on how this can be done are available below, as taken from Microsoft’s documentation.

  1. Click on Start, then click Run, and type regedt32 or regedit, and then click Ok.
  2. In order to disable JScript execution in Internet Zone, find the following registry subkey in Registry Editor:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\140D

    In order to disable JScript execution in Restricted Sites Zone, find the following registry subkey in Registry Editor:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\140D
  3. Right-click the associated registry subkey, and then click Modify.
  4. In the Edit DWORD (32-bit) Value dialog box, then type 3.
  5. Click OK, and then restart the Internet Explorer.

After successfully doing this, the Internet Explorer will no longer execute JScript from sites utilizing IE legacy document modes (IE9 and earlier versions), and also those that are in the Restricted Sites Zone or Internet Zone.

To re-enable JScript execution for one or both security zones, you will need to set the value of the corresponding registry subkey to 0 and also will require to restart Internet Explorer for the changes to take effect.

Are you looking for more security updates? Subscribe to our Newsletter for the latest security news and latest software news right from the security and research industries. If you have any doubts, queries, or suggestions, please comment below in the comment box.

spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -spot_img
Latest News

Windows 11 22H2 build 22621 Update Ready for Release

This week, Microsoft silently finalized Windows 11 22H2 build 22621 as RTM; so this implies that the next feature...
- Advertisement -spot_img

More Articles Like This