Internet Explorer, the gift that keeps on giving. Looks like we have a brand new JScript bug. According to ADV200001: A remote code execution vulnerab
[See the full post at: Yet another JScript vulnerability]
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Yet another JScript vulnerability
Home » Forums » Newsletter and Homepage topics » Yet another JScript vulnerability
- This topic has 20 replies, 13 voices, and was last updated 3 years ago.
AuthorTopicViewing 8 reply threadsAuthorReplies-
abbodi86
AskWoody_MVPJanuary 17, 2020 at 5:24 pm #2086433Yes, let’s hope they don’t repeat September debacle 🙂
2 users thanked author for this post.
-
fernlady
AskWoody LoungerJanuary 17, 2020 at 7:55 pm #2086474I’m a home user with one windows7 computer and have Firefox 72.0.1 as my default browser, should I disable JScript in IE11?
Under Scripting there are 3 areas that are enabled, Active scripting, Enable XSS filter & Scripting of Java applets. Allow Programmatic clipboard access which is set to Prompt. Disable all???
Edition Windows 11 Pro
Version 22H2
Installed on ‎10/‎19/‎2022
OS build 22621.1105-
This reply was modified 3 years ago by
fernlady.
-
This reply was modified 3 years ago by
-
anonymous
GuestJanuary 18, 2020 at 4:00 am #2086540I would open Control Panel and go to Programs and Features. Then on the top left click on “Turn Windows Features on or off”.
Next find Internet Explorer 11 and uncheck the box.
I did this a couple of years ago and it hasn’t affected other programs or websites for me.
Consider using NoScript with Firefox and although there is a bit of a learning curve any inconvenience will give you a more secure system as payback. Also HTTPS Everywhere is another secure option.
1 user thanked author for this post.
-
Microfix
AskWoody MVPJanuary 18, 2020 at 4:57 am #2086555Looks like MSFT has issued a temporary workaround for the IE vulnerability with instructions how to implement and undo for when a hot-fix-patch is released.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001
MSFT catalog patch for Windows 7 only? dunno, time will tell..
WaaS = Windows as a Syphon...suckers!
1 user thanked author for this post.
-
woody
Manager -
anonymous
Guest -
EstherD
AskWoody LoungerJanuary 18, 2020 at 6:53 pm #2086857It also causes “sfc” on Win7 to emit a cryptic error message, something about files it tried to restore but couldn’t, presumably because “sfc” also can no longer read the jscript.dll files after the workaround is implemented. Since the logfile generated by “sfc” is effectively unparsable by mere mortals, it is difficult to determine exactly what “sfc” is complaining about. Therefore, you may not want to implement this workaround if you rely on “sfc” to validate the health of your Win7 system.
Moonbear
AskWoody LoungerAmbularD
AskWoody PlusJanuary 18, 2020 at 9:34 pm #2086921Interesting. I disabled jscript per the advisory, and Internet Explorer still worked fine (not that I use it much anymore,) but Firefox crashed at startup until I enabled it again. Waterfox, Pale Moon, and IceDragon, however, did not seem to be affected.
Disabling jscript may also have broken Panda Dome, though I’m not sure about that, as this as a possible cause of the issues it was having did not occur to me until after I’d already given up in frustration and replaced it with Avast.
i7-10700k - ASROCK Z590 Pro4 - 1TB 970 EVO Plus M.2 - DDR4 3200 x 32GB - GeForce RTX 3060 Ti FTW - Windows 10 Pro
Mitja Kolsek
AskWoody PlusJanuary 19, 2020 at 7:29 am #2087082We @0patch are planning to issue a micropatch for this next week which will prevent Internet Explorer from loading jscript.dll. This will not affect the permissions on jscript.dll and will likely keep the sfc command unaffected. It would be nice to learn from other users implementing Microsoft’s workaround what else that workaround breaks.
-
PKCano
Manager -
Mitja Kolsek
Guest
Grargfar
AskWoody LoungerMrToad28
AskWoody Lounger-
Paul T
AskWoody MVP
PKCano
ManagerJanuary 29, 2020 at 11:29 am #2111606@Mitja-Kolsek
There are some other consequenses of the JavaScript bug posted here.
Viewing 8 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Abraham Lempel one of the fathers of the LZ family..died at the age of 86
by
Alex5723
2 hours, 28 minutes ago -
How to fix File Explorer folder views in Windows 10 and 11
by
B. Livingston
1 hour, 51 minutes ago -
Changes to Outlook and OneDrive have fallout
by
Peter Deegan
3 hours, 15 minutes ago -
Would you ever run an MS-DOS program in 64-bit Windows?
by
Ben Myers
3 hours, 54 minutes ago -
Lunch with Brian
by
Will Fastie
3 hours, 55 minutes ago -
Getting Outlook to behave
by
Susan Bradley
3 hours, 57 minutes ago -
Possible Data Scraper “Lusha” on the prowl
by
Nibbled To Death By Ducks
5 hours, 16 minutes ago -
Turbotax 2021 won’t activate on my Windows 11 computer
by
Alan F
4 hours, 11 minutes ago -
Laptop Battery
by
Rush2112
1 hour, 44 minutes ago -
Bug in macOS Ventura is breaking some networks (SMB)
by
Alex5723
8 hours, 51 minutes ago -
On activating a Workbook . . .
by
WSMartinM
11 hours, 24 minutes ago -
Losing Network Connection
by
WSRDPaterson
1 hour, 8 minutes ago -
How to Fax with privacy w/o a phone line?
by
Tex265
17 hours, 39 minutes ago -
macOS 13.2 Breaks Compatibility With Pioneer’s CD/DVD Drives
by
Alex5723
1 day, 6 hours ago -
Cables are very important
by
Susan Bradley
16 hours, 40 minutes ago -
Win 10 22H2 upgrade woes-gpedit User; KB 5005463
by
Deo
4 hours, 34 minutes ago -
backquotes
by
berniec
1 day, 12 hours ago -
What happened to the Home | Linux Journey website?
by
Charlie
4 hours, 3 minutes ago -
Microsoft disables SMBv1 on domain controller
by
Theodore Dawson
16 hours, 48 minutes ago -
Office 2021 Pro Plus Reading Pane Header
by
MarkAtHome
1 day, 17 hours ago -
Windows Cheat Sheet – Free download
by
Alex5723
1 day, 13 hours ago -
MacWhisper transcription from audio to text. OpenAI
by
Alex5723
1 day, 16 hours ago -
Sometimes it’s the little things
by
Susan Bradley
1 day, 10 hours ago -
Updates to 21H2 not appearing
by
RVAUser
1 day, 4 hours ago -
Best VPN services as of February 2023
by
Kathy Stevens
14 hours, 7 minutes ago -
Last Pass security
by
CAS
21 hours, 27 minutes ago -
Why did I hide KB5012170 back in August 2022?
by
TonyC
2 days, 9 hours ago -
Firejail
by
wdburt1
2 days, 19 hours ago -
Microsoft 365 trial offer blocks access to Windows 10 desktops
by
Alex5723
11 hours, 53 minutes ago -
Introducing tiny11 a lightweight and debloated Windows 11 for less powerful PCs
by
Alex5723
5 hours, 13 minutes ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.