jymcheong / OpenEDRclient

Open Endpoint Defense & Response

Associate .HTA & various Script File Extensions with Notepad #2

Closed jymcheong closed 3 years ago

jymcheong commented 3 years ago

What & Why

https://en.wikipedia.org/wiki/HTML_Application

When a regular HTML file is executed (by IE browser), the execution is confined to the security model of the web browser. This means it is confined to communicating with the server, manipulating the page's object model (usually to validate forms and/or create interesting visual effects) and reading or writing cookies.

On the other hand, an HTA runs as a fully trusted application and therefore has more privileges than a normal HTML file; for example, an HTA can create, edit and remove files and registry entries. Although HTAs run in this 'trusted' environment, querying Active Directory can be subject to Internet Explorer Zone logic and associated error messages.

How

From https://superuser.com/a/407041, change the default file type launcher (mshta.exe) association

Show current filetype association

```
>Assoc .hta
```

Change...

```
>Ftype htafile=C:\Windows\System32\notepad.exe %1
```

Assoc & Ftype are functionalities built into cmd.exe; they are not programs:

https://stackoverflow.com/a/33573068

Using commands from powershell:

```
cmd /c assoc .hta
cmd /c ftype htafile=C:\Windows\System32\notepad.exe %1
```
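The same remapping as a single PowerShell script, added here as an example rather than code from the issue or the OpenEDRclient repository. It audits and then rewrites the .hta and Windows Script Host handlers by editing the registry values that `assoc` and `ftype` edit underneath: the `(default)` value of `HKCR\<ext>` holds the ProgId, and the `(default)` value of `HKCR\<ProgId>\shell\open\command` holds the launcher. Two practical points the one-liners above leave implicit: `ftype` writes to `HKLM\Software\Classes`, so the shell must be elevated or the change silently fails, and Explorer's per-user `UserChoice` entry overrides the machine-wide handler, so the script reports it. The extension list is an assumption about which script types are worth neutralising; trim it to what the environment actually uses.

```powershell
# Added example (not from the OpenEDRclient issue or repo). Run from an
# elevated PowerShell prompt: the handler write goes to HKLM\Software\Classes.
$Notepad    = Join-Path $env:SystemRoot 'System32\notepad.exe'
# Assumed list of script-capable extensions to point at Notepad
$Extensions = '.hta', '.js', '.jse', '.vbs', '.vbe', '.wsf', '.wsh'

function Get-ScriptAssociation {
    param([string]$Extension)
    # HKCR\<ext> (default) is what `assoc` prints after the '='
    $progId = (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\$Extension" -ErrorAction SilentlyContinue).'(default)'
    if (-not $progId) { return $null }
    # HKCR\<ProgId>\shell\open\command (default) is what `ftype` prints after the '='
    $command = (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command" -ErrorAction SilentlyContinue).'(default)'
    # Explorer's per-user choice wins over the machine-wide handler, so report it
    $userChoice = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
    [pscustomobject]@{
        Extension  = $Extension
        ProgId     = $progId
        OpenWith   = $command
        UserChoice = if (Test-Path $userChoice) { (Get-ItemProperty $userChoice).ProgId } else { $null }
    }
}

function Set-NotepadHandler {
    param([string]$ProgId)
    $key = "HKLM:\Software\Classes\$ProgId\shell\open\command"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # Quote "%1" so a file name containing spaces still arrives as one argument
    Set-ItemProperty -Path $key -Name '(default)' -Value "`"$Notepad`" `"%1`""
}

Write-Host '== Before =='
$before = $Extensions | ForEach-Object { Get-ScriptAssociation $_ } | Where-Object { $_ }
$before | Format-Table -AutoSize

foreach ($entry in $before) { Set-NotepadHandler -ProgId $entry.ProgId }

Write-Host '== After =='
$after = $Extensions | ForEach-Object { Get-ScriptAssociation $_ } | Where-Object { $_ }
$after | Format-Table -AutoSize

# Anything still not launching Notepad, or carrying a per-user override, needs a second look
$after | Where-Object { $_.OpenWith -notlike '*notepad.exe*' -or $_.UserChoice } |
    ForEach-Object { Write-Warning "$($_.Extension): handler=$($_.OpenWith) userChoice=$($_.UserChoice)" }
```

The "After" table is the check worth keeping in a change record: if a ProgId still shows `mshta.exe` or `wscript.exe`, the write did not take (usually a non-elevated shell), and any non-empty `UserChoice` column means a per-user association is still routing that extension around the machine-wide handler.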

jymcheong commented 3 years ago

Committed https://github.com/jymcheong/OpenEDRclient/commit/16ad2d82968193a6aa5b9a507274f8a6db166acb