Intrusion Prevention

MS.IE.Unsafe.Scripting

Description

This indicates an attack attempt against a vulnerability in Internet Explorer.
If the option "Initialize and script ActiveX controls not marked safe for scripting" is set within Internet Explorer, a malicious .vbs file could be downloaded and executed through a script webpage.

Affected Products

Microsoft Internet Explorer.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently, we are not aware of any vendor supplied patch for this issue.
Set the ActiveX option "Initialize and script ActiveX controls not marked safe for scripting" off as workaround.