Home
You can now disable JScript execution in Internet Explorer
Windows 11

You can now disable JScript execution in Internet Explorer

November 1, 2020

Internet Explorer is not a huge priority anymore at Microsoft but the latest version of the web browser is still maintained by Microsoft and security patches do get released regularly. Each month, security updates are released that should be installed even if Internet Explorer is not used at all or rarely used.

Microsoft introduced an option on the October 2020 Patch Day for its products to disable the JScript component of the company’s Internet Explorer browser; this is done to improve overall security according to Microsoft. The option has been implemented with organizations in mind, but nothing is keeping home Windows administrators from disabling the feature on their devices as well.

Microsoft’s Benjamin Soon provides some insight on Microsoft’s decision on the company’s Tech Community website:

Jscript is a legacy Microsoft implementation of the ECMA 262 language specification. Blocking Jscript helps protect against malicious actors targeting the JScript scripting engine while maintaining user productivity as core services continue to function as usual.

Microsoft recommends that JScript is disabled in the Internet and Restricted Zones. The process requires Registry edits and on older systems the configuration of a feature control key.

internet explorer disable jscript

Devices with Windows 10 version 1803 or later support the new Registry values out of the box. Here is how you restrict JScript execution in Internet Explorer, JScript from executing scripts for emulated applications, and JScript from executing scripts from MXSML3 and MSXML6.

  1. Use Windows-R to open the run box.
  2. Typ regedit and hit OK.
  3. Confirm the UAC prompt.
  4. Disabling JScript execution in the Internet Zone:
    1. Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones3
    2. Right-click on 140D and select Modify.
    3. Change the value to 3.
    4. Select OK
  5. Disabling JScript execution in Restricted Sites Zone:
    1. Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4
    2. Right-click on 140D and select Modify.
    3. Change the value to 3.
    4. Select OK
  6. Restrict JScript from executing scripts from emulated applications:
    1. HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoftWindowsCurrentVersionInternet SettingsZones3
    2. Right-click on 140D and select New > Dword (32-bit) Value.
    3. Name it EnableJScriptMitigation.
    4. Set its value to 1.
    5. Click ok.
  7. Restrict MSXML3 and MSXML6 script execution:
    1. MSXML3 on 32-bit system: HKEY_LOCAL_MACHINESOFTWAREMicrosoftMSXML30
    2. MSXML6 on 32-bit systems: HKEY_LOCAL_MACHINESOFTWAREMicrosoftMSXML60
    3. MSXML3 on 64-bit systems: HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoftMSXML30
    4. MSXML6 on 64-bit systems: HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoftMSXML60
    5. Right-click on the keys and select New > Dword (32-bit) Value.
    6. Name it EnableJScriptMitigation.
    7. Set its value to 1.
    8. Click ok.
  8. Restart Internet Explorer.

Internet Explorer won’t run JScript from sites that use Internet Explorer’s legacy document modes provided that the sites are in the Internet Zone or Restricted Sites Zone. Additionally, if you set the keys under 6) and 67 above, JScript cannot be executing scripts from emulated applications or from MSXML3 and MSXML6.

You can check out Microsoft’s support article for additional details.

Thank you for being a Ghacks reader. The post You can now disable JScript execution in Internet Explorer appeared first on gHacks Technology News.

Tags: