Vulnerabilities

Microsoft can’t fix Internet Explorer vulnerability & breaks Windows printing function

Sometimes fixing a security issue can lead to new problems. Microsoft is experiencing failures with the temporary fix of a recently found zero-day Internet Explorer vulnerability, as users and information security firms have reported that this workaround negatively affects Windows systems, leading to the crashing of the printing function in some machines.

A week ago, the company disclosed the existence
of a zero-day remote code execution vulnerability in Internet Explorer 11, 10,
and 9, tracked as CVE-2020-0674. If exploited, the flaw would allow hackers to
create a specially crafted website to execute commands remotely on the target
system. The flaw was being exploited in the wild, although the company claims
that exploitation cases are small.

Because there are no updates available yet, the
company released a workaround that requires changing the owner of %windir%-system32-jscript.dll
and denying access to the file for the Everyone group. It should be noted that Microsoft
had already warned that this method might affect some features that depend on
the jscript.dll file.

Unfortunately, the errors generated by this
workaround are greater than expected. Soon after, multiple users who
implemented the temporary fix reported malfunctions in the operation of their
USB printers from HP and other manufacturers, information security experts
mentioned.

In general, when users tried to print a document,
the machine responded with input & output errors, so the printing process
was not completed. According to information security experts, in addition to
the printer-related issue, this temporary fix can also lead to other flaws,
such as:

  • Windows
    Media player crashes when trying to play MP4 files
  • SFC
    (Resource Checker), a tool that scans the integrity of all protected system
    files and replaces incorrect versions with the correct versions of Microsoft,
    collapses into jscript.dll with altered permissions
  • Automatic
    proxy configuration scripts (PAC scripts) may not work

Some security firms have developed temporary
patches to fix the flaw without experiencing these issues. If you do not want
to install a third-party developer patch, the International Institute of Cyber
Security (IICS) recommends removing the fix and waiting for the release of the
full Microsoft patch.

To remove the fix:

For 32-bit systems, enter the following command
at the admin command prompt:

cacls %windir%-system32-jscript.dll /E/R everyone   

For 64-bit systems, enter the following command
at the admin command prompt:

cacls %windir%-system32-jscript.dll /E/R everyone

cacls %windir%syswow64jscript.dll /E /R everyone

To Top

Pin It on Pinterest

Share This