⚠️ Security Warning

ClickFix lures can lead to malware and computer viruses. If you see text like this online, it's likely a scam.

Back to Techniques

mshta.exe

mshta.exe is a Microsoft HTML Application Host that executes HTA (HTML Application) files. It can be used to execute JavaScript, VBScript, and other scripting languages within the context of an HTML application. This makes it a powerful tool for attackers to execute malicious code while bypassing certain security controls.

windows cli MOTW UAC

Fix Your Browser Security Settings

Try Example
MOTW

Your browser security settings need to be updated to continue. Follow these steps to fix the issue:

  1. Press Win-R on your keyboard

  2. Type mshta and press Enter

  3. Press Ctrl-V to paste our configuration

  4. Press Enter to submit

References:

Mitigations:

  • Block or restrict mshta.exe execution through application control

  • Monitor for suspicious mshta.exe command lines

  • Never run commands from unsolicited sources

  • Be suspicious of requests to update browser security settings via command line

Contributor: Michael Haag (2025-09-09)

Update Your Browser Certificate

Try Example
UAC

Your browser certificate has expired. Update it now to continue secure browsing:

  1. Press Win on your keyboard

  2. Type mshta and press Ctrl+Shift+Enter

  3. Click Yes when prompted

  4. Press Ctrl-V to paste our configuration

  5. Press Enter to submit

References:

Mitigations:

  • Block or restrict mshta.exe execution through application control

  • Monitor for suspicious mshta.exe command lines

  • Never run commands from unsolicited sources

  • Be suspicious of requests to update certificates via command line

Contributor: Michael Haag (2025-09-09)