Uhhh isn't this about JScript stuff? It's not Javascript though it also uses the .js extension. Don't think you can just run Javascript on Windows like that.
this is sensational if anything. most people would think that the javascript the article headline is talking about is web browser javascript
[QUOTE=Scratch.;50555395][media]https://twitter.com/SwiftOnSecurity/status/737349169329774592[/media][/QUOTE]
What to do if you don't have Group Policy editor in Windows 10 Home? Is it time to panic?
[QUOTE=Sam Za Nemesis;50555404]I didn't even knew windows itself had a js runtime let alone that allowed you to interact with the filesystem[/QUOTE]
The Windows Script Host stuff is ancient now. It's used by quite a few things to do bits here and there. Things like Rainmeter use it for a few plugins. It has a reason to exist, but it is a bit of a security problem if your group policies aren't secure.
[QUOTE=FezianEmperor;50555633]What to do if you don't have Group Policy editor in Windows 10 Home? Is it time to panic?[/QUOTE]
something something wscript something something
I have no clue
Just don't open .js files from explorer when spam tells you too.
[QUOTE=Cold;50556446]Just don't open .js files from explorer when spam tells you too.[/QUOTE]
Article also mentions about macros in office documents. These can also be abused.
It's great that this gets public awareness are there are a demographic that do not understand such risks and should be informed, and this is a platform that can be used to help educate
But if you know what you're doing, everything should be pretty straight forward in mitigating these attempts, most of which comes down to "Don't continue because it's shady as fuck"
Sorry, you need to Log In to post a reply to this thread.