Block the Latest Internet Explorer Vulnerability With This Workaround
Last week, Microsoft disclosed an issue-related vulnerability in Internet Explorer affecting various modifications of Internet Explorer 9, 10, and 11 in Windows 7, 8.1 and Windows 10 (as well as various versions of Windows Server). The bad news is that the Microsoft, most likely, will not fix the problem until February – when will be the next big batch of security updates.
Fortunately, there are several workarounds you can use right now to protect yourself from this new remote code execution vulnerability. Before we get into that, here’s a quick summary from Microsoft of how this vulnerability could be exploited in the wild:
“An attacker who successfully exploited this vulnerability could gain the same privileges as the current user. If the current user is logged on as an administrator, an attacker who successfully exploited this vulnerability could gain control of the affected system. The attacker can then install the programs; view, change or delete data; or create new accounts with full user rights.
In an Internet attack scenario, an attacker could host a specially crafted website that is designed to exploit a vulnerability through Internet Explorer and then convince a user to view that website, for example by sending an email. “
To be on the safe side, let’s start with the basics: common sense. Don’t visit shitty sites; Do not be phished by websites that claim to be who they are not; do not follow unfamiliar links on the Internet (or by email); beware of messages and other “click here!” enter content that seems incredibly suspicious.
Plus, now is the perfect time to switch to the new Chromium-based Microsoft Edge browser before it does it for you in a few months. Not only will you get a better browsing experience, but you also won’t be hurt by the browser vulnerability you leave behind.
If you need to use Internet Explorer, consider the following workaround. Open an Administrative Command Prompt (search for “Command Prompt” after clicking the Start button and then right-click to run a Command Prompt as administrator). What you will enter next is slightly different for 32-bit and 64-bit systems, and you will need to enter a line, press Enter, enter the next line, and so on.
32-bit Windows
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P all: N
64-bit Windows
takeown / f% windir% \ syswow64 \ jscript.dll
cacls% windir% \ syswow64 \ jscript.dll / E / P all: N
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P all: N
These commands restrict access to the legacy JScript library that is stuck around compatibility – Your browser is now using JScript9.dll, not Jscript.dll by default. You will want to revert this change as soon as Microsoft installs a browser patch, which requires a different set of commands in the administrative command line:
32-bit Windows
cacls% windir% \ system32 \ jscript.dll / E / R all
64-bit Windows
cacls% windir% \ system32 \ jscript.dll / E / R all
cacls% windir% \ syswow64 \ jscript.dll / E / R all