Skip to main content

Security Tips

How to disable Windows Script Host

F-Secure
|
Apr 19, 2016
|
1 min read

Numerous spam campaigns are pushing various crypto-ransom­ware families (and back­doors) via .zip file attachments. And such .zip files typically contain a JScript (.js/.jse) file that, if clicked, will be run via Windows Script Host.

Here’s how to disable Windows Script Host

Do yourself a favor and edit your Windows Registry to disable WSH.

Here’s the key (folder).

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Script Host\Settings

HKEY_CURRENT_USER can be used as an alternative.

Create a new DWORD value named “Enabled” and set the value data to “0”.

A screenshot of editing a DWORD entry in Windows registry settings.

And then, if you click on a .js file, you’ll see this:

A screenshot of a popup window saying: “Windows Script Host access is disabled on this machine. Contact your administrator for details.”

Which is way better than seeing an extortion note.

total app on different devices

Protect everything you do online with F‑Secure

Make staying safe online easy for yourself with one app that does it all. Skip online scams, download files and apps safely, protect your money online — and much more.

  • Award-winning antivirus and malware protection

  • Online browsing, banking, and shopping protection

  • 24/7 online identity and data breach monitoring

  • Unlimited VPN service to safe­guard your privacy

  • Password manager with private data protection

Read more about Total