How to protect against the CVE-2020-0674 vulnerability using Kaspersky Security 10 for Windows Server

Latest update: January 24, 2020 ID: 15396

This article concerns:

  • Kaspersky Security 10.1.2 for Windows Server (version
  • Kaspersky Security 10.1.1 for Windows Server (version

New vulnerability in Internet Explorer that affects the jscript.dll library has been disclosed. For details, see the Microsoft website.
As a risk mitigation measure, you can add JScript.dll to the list of denied modules for the iexplore.exe process.

Implementing these steps might result in reduced functionality for components or features that rely on jscript.dll.
Microsoft recommends these mitigation steps only if there is indication that you are under elevated risk.

To protect your server against the vulnerability:

  1. Open Kaspersky Security Center.
  2. Go to Managed devices → Policies.
  3. Open the properties of the Kaspersky Security for Windows Server policy.
  4. Go to the Real-time server protection section.
  5. In the Exploit Prevention area, click Settings.

Opening Exploit Prevention settings.

  1. Select the check box Prevent vulnerable processes exploit and enable the Terminate on exploit mode.

Exploit Prevention settings.

  1. Open the Protected processes tab, find iexplore.exe in the table and click Set exploit prevention techniques.

Protected processes settings

  1. Select Apply selected exploit prevention techniques.
  2. Add jscript.dll to the list of Deny modules and click OK.

Adding the jscript.dll library to the list of denied modules

  1. Save the Kaspersky Security 10 for Windows Server policy.

Now your server is protected against the CVE-2020-0674 vulnerability.

Did you find what you were searching for?
Thank you for your feedback!