News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Yet another JScript vulnerability

    Home Forums AskWoody blog Yet another JScript vulnerability

    This topic contains 20 replies, has 13 voices, and was last updated by  PKCano 3 weeks ago.

    • Author
      Posts
    • #2086420 Reply

      woody
      Da Boss

      Internet Explorer, the gift that keeps on giving. Looks like we have a brand new JScript bug. According to ADV200001: A remote code execution vulnerab
      [See the full post at: Yet another JScript vulnerability]

      4 users thanked author for this post.
    • #2086433 Reply

      abbodi86
      AskWoody_MVP

      Yes, let’s hope they don’t repeat September debacle 🙂

      2 users thanked author for this post.
    • #2086474 Reply

      fernlady
      AskWoody Lounger

      I’m a home user with one windows7 computer and have Firefox 72.0.1 as my default browser, should I disable JScript in IE11?

      Under Scripting there are 3 areas that are enabled, Active scripting, Enable XSS filter & Scripting of Java applets. Allow Programmatic clipboard access which is set to Prompt. Disable all???

      Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

      • This reply was modified 1 month ago by  fernlady.
      • #2086540 Reply

        anonymous

        I would open Control Panel and go to Programs and Features. Then on the top left click on “Turn Windows Features on or off”.

        Next find Internet Explorer 11 and uncheck the box.

        I did this a couple of years ago and it hasn’t affected other programs or websites for me.

        Consider using NoScript with Firefox and although there is a bit of a learning curve  any inconvenience will give you a more secure system as payback. Also HTTPS Everywhere is another secure option.

        1 user thanked author for this post.
        • #2086602 Reply

          fernlady
          AskWoody Lounger

          That was easy. Thank you, so far no problems.

          Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

          • #2110097 Reply

            Moonbear
            AskWoody Lounger

            If you do ever need to re-enable Internet Explorer, It may not recreate the desktop icon when you do.

            Just something to watch out for.

             

    • #2086555 Reply

      Microfix
      Da Boss

      Looks like MSFT has issued a temporary workaround for the IE vulnerability with instructions how to implement and undo for when a hot-fix-patch is released.

      https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001

      MSFT catalog patch for Windows 7 only? dunno, time will tell..

      Win7 Pro x64 | Win8.1 Pro x64 | Linux Hybrids x86/x64 | Win7 Pro x86 | W10 never again
      1 user thanked author for this post.
      • #2086562 Reply

        woody
        Da Boss

        Yep, that’s the “Turn off JScript” fix I mentioned.

        Nice of them to announce this on a Friday evening before a three-day (US) weekend…

        1 user thanked author for this post.
      • #2086829 Reply

        anonymous

        As usual MS forgot to mention in the FAQ,  this temporary workaround also break Windows Media Player on Win 10. You’ll get a “Server execution failed error” when trying to play an MP4.

        3 users thanked author for this post.
      • #2086857 Reply

        EstherD
        AskWoody Plus

        It also causes “sfc” on Win7 to emit a cryptic error message, something about files it tried to restore but couldn’t, presumably because “sfc” also can no longer read the jscript.dll files after the workaround is implemented. Since the logfile generated by “sfc” is effectively unparsable by mere mortals, it is difficult to determine exactly what “sfc” is complaining about. Therefore, you may not want to implement this workaround if you rely on “sfc” to validate the health of your Win7 system.

        3 users thanked author for this post.
    • #2086604 Reply

      Moonbear
      AskWoody Lounger

      If your not directly using Internet Explorer to access the internet, should this be worried about?

      I have IE’s outbound connection blocked with Windows Firewall, should I also block the inbound connection as well?

      • #2086914 Reply

        woody
        Da Boss

        Not using IE is kind of a baseline security precaution.

        I don’t know if you’re vulnerable outside of IE, but I would guess that if the exposure were really all that significant, we would have a patch by now.

        4 users thanked author for this post.
        • #2087274 Reply

          Moonbear
          AskWoody Lounger

          In that case I’m leaving it alone, especially considering the issues being reported from using the workaround

    • #2086921 Reply

      AmbularD
      AskWoody Plus

      Interesting.  I disabled jscript per the advisory, and Internet Explorer still worked fine (not that I use it much anymore,) but Firefox crashed at startup until I enabled it again.  Waterfox, Pale Moon, and IceDragon, however, did not seem to be affected.

      Disabling jscript may also have broken Panda Dome, though I’m not sure about that, as this as a possible cause of the issues it was having did not occur to me until after I’d already given up in frustration and replaced it with Avast.

      i7-4790k - Z97X-Gaming 3 - DDR3 2133 x 32GB - GTX 1070 FTW - Windows 7 Pro x64 SP1

      4 users thanked author for this post.
    • #2087082 Reply

      Mitja Kolsek
      AskWoody Plus

      We @0patch are planning to issue a micropatch for this next week which will prevent Internet Explorer from loading jscript.dll. This will not affect the permissions on jscript.dll and will likely keep the sfc command unaffected. It would be nice to learn from other users implementing Microsoft’s workaround what else that workaround breaks.

      5 users thanked author for this post.
    • #2087468 Reply

      Grargfar
      AskWoody Plus

      The workaround breaks printing to “Microsoft Print to PDF”. I had to revert it.

      1 user thanked author for this post.
    • #2110388 Reply

      MrToad28
      AskWoody Lounger

      I use Win7 PC’s and never use IE..Use Firefox, Firefox variant Pale moon & Chrome. Would I be affected by this Jscript issue?

      • #2110524 Reply

        Paul T
        AskWoody MVP

        Probably not, but it’s worth checking the browser web sites to see what they say about it.

        cheers, Paul

    • #2111606 Reply

      PKCano
      Da Boss

      @Mitja-Kolsek

      There are some other consequenses of the JavaScript bug posted here.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Yet another JScript vulnerability

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.