Microsoft has recently unveiled its strategy to deprecate support for Visual Basic Script (VBScript) within the Windows operating system. Introduced in 1996, VBScript, inspired by Visual Basic, initially targeted web developers but swiftly gained favor among Windows administrators. It became an essential tool for automating tasks on Windows. However, this versatile scripting language was also adopted by malicious actors, including malware developers who employed VBScript in attacks such as the notorious I Love You worm.
In response to evolving security concerns, Microsoft has already disabled VBScript in Internet Explorer (IE), its first major web browser, which is no longer supported in most Windows versions.
Over the years, Microsoft’s focus has shifted toward its .NET framework, leaving VBScript to receive only bug fixes and security updates.
The deprecation notice on Microsoft’s official website delivers the following message: “VBScript is being deprecated. In future Windows releases, VBScript will be available as an optional feature before its complete removal from the operating system.”
As of now, Microsoft has not provided a specific timeline. In forthcoming Windows releases, VBScript will continue to be enabled by default but as an optional feature. Eventually, Microsoft will transition VBScript into an entirely optional component, no longer enabled by default, before its eventual removal from the Windows ecosystem.
For Windows administrators seeking to manage optional features, you can conveniently access the Settings app. Simply open the Start menu, type “optional features,” and select the “manage optional features” item in the search results. Here, Windows lists all installed optional features, and you can explore additional features that are available but not yet installed.
Disabling VBScript: Closing an Attack Vector
Microsoft’s decision to disable VBScript may not come with an official statement, but the motive is clear: enhancing security. By deprecating VBScript, Microsoft effectively eliminates a potential attack vector for malicious actors who exploit .vbs scripts in their attacks. While there are numerous alternative scripting languages available, taking this step to plug a known vulnerability is a commendable move in bolstering overall security.
The discovery, initially reported by Bleeping Computer, aligns with the idea that Microsoft’s primary objective is to reinforce security measures. It’s important to note that VBScript still finds utility in malware attacks today, making its deprecation all the more crucial.
As VBScript transitions into an optional feature, Windows users will have the flexibility to disable it via the Settings app. Additionally, for those concerned about .vbs malware, an option to disable the Windows Scripting Host is already available, providing an extra layer of defense against potential threats.
How to Prevent VBS Files from Running
If you want to disable the Windows Script Host (WSH) functionality to prevent VBS files from running, you can follow these steps:
Step 1: Press the WINDOWS + R keys to open the Run dialog.
Step 2: Type “regedit” and hit Enter. This will open the system registry in edit mode.
Step 3: For current user, navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings\ in the registry.
Step 4: If it doesn’t already exist, create a new REG_DWORD key and name it “Enabled.”
Step 5: Assign a value of 0 (zero) to this key.
Step 6: For all users, navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings\ in the registry.
Step 7: Similar to the previous step, if it’s not already present, create a new REG_DWORD key and name it “Enabled.”
Step 8: Assign a value of 0 (zero) to this key.
With these changes, VBS execution will be effectively blocked. To test the setup, you can create a test.vbs file on your desktop and attempt to run it. If you’ve followed the steps correctly, you should encounter a warning message in a popup window stating: “Windows Script Host access is disabled on this machine. Contact your administrator for details.”
Please be cautious when making changes in the Windows Registry, as improper modifications can affect your system’s stability.
This strategic move by Microsoft reflects the company’s ongoing commitment to enhancing Windows security and mitigating risks associated with VBScript-related vulnerabilities.