October 10, 2023 at 12:38PM
Microsoft plans to phase out VBScript in future Windows releases, after 30 years of use. VBScript will become an on-demand feature until it is completely removed from the operating system. This decision is likely related to the discontinuation of Internet Explorer, which eliminates a major infection vector for malware. Microsoft is taking steps to mitigate malware campaigns that exploit Windows and Office features.
From the meeting notes, the key points are as follows:
1. Microsoft is planning to phase out VBScript in future Windows releases after 30 years of use.
2. VBScript is a programming language similar to Visual Basic or VBA.
3. VBScript is bundled with Internet Explorer and integrates active scripting into Windows environments.
4. Microsoft will make VBScript an on-demand feature before its removal from the operating system.
5. Features on Demand (FODs) are optional features that can be added to the Windows operating system.
6. Microsoft disabled VBScript by default in Internet Explorer 11 on Windows 10 with the July 2019 Patch Tuesday updates.
7. Deprecating VBScript eliminates a prevalent infection vector used by threat actors to infect Windows systems with malware.
8. This decision is part of a broader strategy to mitigate malware campaigns exploiting Windows and Office features.
9. VBScript has been used by malicious actors to distribute malware such as Lokibot, Emotet, Qbot, and DarkGate.
10. Microsoft has taken steps to improve security, including extending support for AMSI to Office 365 applications and implementing macro protections in Excel and other Office applications.
These notes provide an overview of Microsoft’s plans to phase out VBScript, the motivations behind this decision, and the impact on security.
Full Article – https://ift.tt/usa9PIo