Page 1 of 1

TextPipe use of jscript.dll ?

Posted: Sat Feb 15, 2020 7:54 pm
by DFH
Background: https://news.softpedia.com/news/microsoft-s-zero-day-bug-fix-causes-windows-bug-528973.shtml
and many other tech news sites that can be found by web search for

Code: Select all

jscript.dll zero day microsoft
Having read of the recently reported zero day vulnerability of jscript.dll in Windows,
and the fact that Microsoft has described only a mitigation workaround for Windows 7 users after extended support ended in January 2020,
it occurs to me that as TextPipe has a special filter for running JScript language,
to ask whether this uses the vulnerable jscript.dll or the non-vulnerable jscript9.dll ?

If the latter, there should be no serious consequences.

If the former, it would likely be the case that Windows 7 users that implemented the Microsoft workaround
may encounter unexpected issues when seeking to use a filter that runs JScript.

If this were the case, then TextPipe ought to be updated to use jscript9.dll and not jscript.dll

Best regards,

David

Re: TextPipe use of jscript.dll ?

Posted: Mon Feb 17, 2020 9:49 pm
by DataMystic Support
Hi David,

We don't directly call any jscript DLL by name. We call it by its COM registration name, which will be the patched or unpatched DLL as the case may be,

Re: TextPipe use of jscript.dll ?

Posted: Sun Feb 23, 2020 1:00 am
by DFH
Windows 7 users who don't have extended support may be interested to visit 0patch.com

The free edition is not a solution for the jscript.dll zero day vulnerability.
The Pro edition claims to be and more, but it's an annual subscription.

David