There have been reports of fake updaters that spoof Chrome, Firefox, and Internet Explorer landing pages. When the user clicks on the upgrade option, a JavaScript file is downloaded and executes malware. You have several options to block or change the default behavior to better protect workstations. Clearly communicate to your users what file types are and are not allowed on web-based portals, you can easily do this. With Windows 10, version 1709 (RS3, build 16299) or greater you can set up an ASR rule to block JavaScript and VBScript.”]