CVE-2021-40444: Activate Workaround: Disable ActiveX Download - superseded
Log In or Register to download the BES file, and more.

0 Votes

Versioning - This is an older version.

1CVE-2021-40444: Activate Workaround: Disable ActiveX Download9/10/2021 12:07:10 AM
2CVE-2021-40444: Activate Workaround: Disable ActiveX Download9/10/2021 8:40:35 AM
3CVE-2021-40444: Activate Workaround: Disable ActiveX Download9/11/2021 8:16:52 AM

Description

Workaround for CVE-2021-40444

Property Details

ID26874
StatusBeta - Preliminary testing ready for more
TitleCVE-2021-40444: Activate Workaround: Disable ActiveX Download
DomainBESC
CategoryWorkaround
SourceTrevor Norrey
Source Release Date9/8/2021 12:00:00 AM
CVENamesCVE-2021-40444
KeywordsCVE-2021-40444
Added by on 9/10/2021 8:40:35 AM
Last Modified by on 9/10/2021 8:40:35 AM
Counters 87 Views / 3 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

isWindows (Relevance 1172)
Used in 1142 fixlets and 537 analyses   * Results in a true/false
Show indented relevance
windows of operating system
Used in 7 fixlets and 1 analsis   * Results in a true/false
Show indented relevance
Product type of operating system = NT Workstation product type
Used in 1 fixlet   * Results in a true/false
Show indented relevance
4 != number of keys ("0"; "1"; "2"; "3") whose (exists value "1001" whose (it as string as integer = 3) of it and exists value "1004" whose (it as string as integer = 3) of it) of key "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones" of native registry

Actions

Action 1 (default)

Action Link Click here to deploy this action.
Script Type BigFix Action Script
action uses wow64 redirection {not x64 of operating system}

if x64 of operating system

regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]" "1001"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]" "1004"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]" "1001"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]" "1004"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]" "1001"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]" "1004"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]" "1001"=dword:00000003
regset64 "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]" "1004"=dword:00000003

else

regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]" "1001"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]" "1004"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]" "1001"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]" "1004"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]" "1001"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]" "1004"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]" "1001"=dword:00000003
regset "[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]" "1004"=dword:00000003

endif
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!