Microsoft enables JScript9Legacy scripting engine to improve Windows 11 security

Microsoft has made a significant shift in its approach to scripting within Windows 11 24H2, opting to phase out JScript in favor of a more secure alternative. This transition aims to enhance the overall security framework of Windows 11, reflecting the company’s commitment to safeguarding user experiences in an increasingly complex digital landscape.

In this latest update, Microsoft has enabled JScript9Legacy by default. While the company emphasizes the critical security benefits of this change, it will not be retroactively applied to earlier editions of Windows prior to 24H2. Users can rest assured that this switch will occur seamlessly, requiring no action on their part. JScript9Legacy will automatically manage all scripting processes that previously relied on JScript, ensuring continuity without disruption.

Boosting Windows 11 security

Naveen Shankar from Microsoft elaborates on the significance of adopting JScriptLegacy, stating:

Based on JScript9, the new JScriptLegacy scripting engine offers improved performance and security features. JScript9Legacy is designed to be more compatible with modern web standards, which helps mitigate the risk of cross-site scripting (XSS) and other web-based attacks.

He further explains:

The new engine incorporates advanced security features such as improved handling of JavaScript objects and stricter execution policies, which make it harder for malicious scripts to exploit the system. By replacing JScript.dll with JScript9Legacy.dll, the operating system can better defend against a wider range of security threats, ultimately providing a more secure environment for users.

This transition is particularly crucial given that JScript has been around for nearly three decades, becoming increasingly outdated and vulnerable. Microsoft recognizes that the old scripting engine no longer meets the demands of modern security challenges.

While the company assures users that the migration to JScript9Legacy should be smooth, it remains vigilant about potential compatibility issues that some users may encounter. Currently, Microsoft has not disclosed any procedures for reverting to JScript in the event of such issues, likely due to concerns about possible exploitation by malicious entities. However, users experiencing difficulties are encouraged to reach out to the support team via the Services Hub for assistance.

The rationale behind limiting this change to Windows 11 24H2 remains somewhat unclear, as does the prospect of updating older Windows versions. With Microsoft phasing out Windows 10 and advocating for widespread adoption of the latest Windows 11 version, it seems unlikely that older systems will receive similar updates in the near future.

Image credit: Alexey Novikov / Dreamstime.com

Winsage
Microsoft enables JScript9Legacy scripting engine to improve Windows 11 security