Workarounds: Defend Against Attacks Until A Patch Arrives
According to the advisory, preventing the loading of the JScript.dll library can manually block the exploitation of this vulnerability.
To restrict access to JScript.dll, run following commands on your Windows system with administrator privileges.
For 32-bit systems:
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
For 64-bit systems:
takeown / f% windir% \ syswow64 \ jscript.dll
cacls% windir% \ syswow64 \ jscript.dll / E / P everyone: N
takeown / f% windir% \ system32 \ jscript.dll
cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
When a patch update is available, users need to undo the workaround using the following commands:
For 32-bit systems:
cacls %windir%\system32\jscript.dll /E /R everyone
For 64-bit systems:
cacls %windir%\system32\jscript.dll /E /R everyone
cacls %windir%\syswow64\jscript.dll /E /R everyone
To be noted, some websites or features may break after disabling vulnerable JScript.dll library that relies on this component, so therefore, users should install updates as soon as they become available.