Category: Microsoft|Jan 19, 2020 | Author: Admin

Microsoft offers workaround to mitigate the IE Scripting Engine Memory Corruption Vulnerability

Clément Lecigne of Google’s Threat Analysis Group reported an IE vulnerability that allowed remote execution of code via Internet Explorer. The vulnerability lies in the way the scripting engine handles objects in memory in IE. Microsoft has disclosed the issue and has also offered a workaround for this Scripting Engine Memory Corruption Vulnerability (CVE-2020-0674).

By default, IE11, IE10, and IE9 use Jscript9.dll and are not impacted by this vulnerability. This vulnerability only affects certain websites that utilize JScript.dll as the scripting engine.

How does an attacker execute remote code?
An attacker can set up a trap by sending a link to a specially crafted website over email. When the victim clicks on the link, the code will exploit the vulnerability through Internet Explorer.

Workaround to mitigate IE Scripting Engine Memory Corruption Vulnerability
Applying the workaround reduces functionality for components or features that rely on jscript.dll. However, it still doesn’t offer full protection, and it is best not to use IE until a permanent fix is rolled out. We highly recommend moving to Microsoft Edge until the update becomes available. Microsoft is expected to patch this in its upcoming Patch Tuesday updates.

Restrict access to JScript.dll
For 32-bit systems, enter the following commands at an administrative command prompt:

takeown /f %windir%\system32\jscript.dll
cacls %windir%\system32\jscript.dll /E /P everyone:N

For 64-bit systems, enter the following commands at an administrative command prompt:

takeown /f %windir%\syswow64\jscript.dll
cacls %windir%\syswow64\jscript.dll /E /P everyone:N
takeown /f %windir%\system32\jscript.dll
cacls %windir%\system32\jscript.dll /E /P everyone:N

How to undo the workaround
Microsoft recommends reverting the mitigation steps before installing the update to return the system to a full state. Otherwise, anything that accesses JScript.dll will continue to suffer reduced functionality.

For 32-bit systems, enter the following command at an administrative command prompt:

cacls %windir%\system32\jscript.dll /E /R everyone

For 64-bit systems, enter the following commands at an administrative command prompt:

cacls %windir%\system32\jscript.dll /E /R everyone
cacls %windir%\syswow64\jscript.dll /E /R everyone
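
To confirm whether the workaround is currently applied or has been fully undone on a machine, the ACLs on both copies of jscript.dll can be audited. The following PowerShell script is an added example, not part of Microsoft's guidance; the function name Get-JScriptWorkaroundState is hypothetical, and it assumes the restriction appears in the ACL as a Deny entry for Everyone (well-known SID S-1-1-0).

```powershell
# Added example: report whether the jscript.dll access restriction is in place.
# Assumption: the workaround appears as a Deny ACE for Everyone (SID S-1-1-0).
# Run from a 64-bit PowerShell on 64-bit Windows; a 32-bit host redirects
# system32 to syswow64 and would check the same file twice.
$targets = @(
    "$env:windir\system32\jscript.dll",
    "$env:windir\syswow64\jscript.dll"   # exists only on 64-bit systems
)

function Get-JScriptWorkaroundState {
    param([string[]]$Path)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p)) {
            [pscustomobject]@{ Path = $p; State = 'NotPresent' }
            continue
        }
        try {
            $acl = Get-Acl -LiteralPath $p -ErrorAction Stop
        } catch {
            # A non-owner may be unable to read the ACL once the deny entry is set.
            [pscustomobject]@{ Path = $p; State = 'AclUnreadable' }
            continue
        }
        # Resolve ACEs to SIDs so the match does not depend on the OS language.
        $sidType = [System.Security.Principal.SecurityIdentifier]
        $deny = $acl.GetAccessRules($true, $true, $sidType) | Where-Object {
            $_.IdentityReference.Value -eq 'S-1-1-0' -and
            $_.AccessControlType -eq 'Deny'
        }
        $state = if ($deny) { 'Restricted' } else { 'NotRestricted' }
        [pscustomobject]@{ Path = $p; State = $state }
    }
}

$report = @(Get-JScriptWorkaroundState -Path $targets)
$report | Format-Table -AutoSize

# The workaround should be reverted before the update is installed.
if ($report | Where-Object { $_.State -in 'Restricted', 'AclUnreadable' }) {
    Write-Warning 'Workaround still applied (or ACL unreadable): undo it before installing the update.'
}
```

On a 64-bit system, a mix of Restricted and NotRestricted across the two paths means the workaround or its undo was only partly carried out.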

Microsoft also noted that Internet Explorer on Windows Server (2008/2012/2016) runs in a restricted mode known as Enhanced Security Configuration, which reduces the likelihood of a user or administrator downloading and running specially crafted web content on a server.
