Microsoft to kill off VBScript in Windows to block malware delivery

Cyber Security Threat Summary:
Microsoft says it is in the works of removing VBScript (Visual Basic Script), a scripting language that was introduced by the tech giant approximately 30 years ago. Although VBScript was originally designed for Windows automation and administrative tasks, over the years, threat actors have misused it to create and distribute malicious payloads. According to Microsoft, VBScript will be available as an on-demand feature in the future releases of Windows, until it is ultimately removed. Features on demand are optional features on Windows that aren’t installed by default. As such, until VBScript reaches retirement, users who need the feature can add it when necessary.

Security Officer Comments:
The decision to phase out VBScript follows the tech giant's move to disable Excel 4.0 (XLM) macros and enforce the default blocking of VBA office macros. Despite a decline in its usage over time, VBScript has remained a tool exploited by threat actors. Notorious malware strains such as Emotet, Trickbot, Qbot, and more recently, DarkGate loader, have been distributed using VBScript, highlighting its enduring significance in the realm of cybersecurity threats. Microsoft's decision to depreciate VBScript showcases its efforts to combat this ongoing threat, reducing one malware infection vector that organizations and security personnel need to worry about. Despite this, it's important to note that threat actors are quick to adapt to changes, and will likely shift their focus to alternative scripting languages, serving as a reminder for organizations to remain vigilant.

Link(s):
https://www.bleepingcomputer.com/