Microsoft to start killing off VBScript in second half of 2024

Microsoft to start killing off VBScript in second half of 2024

May 22, 2024 at 02:35PM

Microsoft will deprecate VBScript by 2024, making it an on-demand feature and eventually removing it. Program manager Naveen Shankar said newer scripting languages like JavaScript and PowerShell offer better capabilities for modern web development and automation. VBScript will be gradually phased out, with the final retirement expected around 2027 due to security concerns.

From the meeting notes, it is clear that Microsoft has announced the deprecation plan for VBScript. Here are the key takeaways:

1. Microsoft will start deprecating VBScript in the second half of 2024 by making it an on-demand feature until it is completely removed.

2. VBScript will be available as part of Features on Demand (FODs) until it is retired from future Windows OS releases, as Microsoft transitions to more efficient PowerShell experiences.

3. The deprecation plan consists of three phases: VBScript will be enabled by default as an optional feature in Windows 11 24H2 in the first phase, followed by making it available as an on-demand feature in the second phase, and finally retiring and eliminating VBScript from future versions of Windows in the third phase.

4. The decision to deprecate VBScript is part of a broader strategy to remove known attack vectors used by threat actors to infect users with malware.

5. The move also aims to curb attacks that utilized Office VBA macros, leading to the introduction of various security measures such as extending support for Antimalware Scan Interface (AMSI) to Office 365 client applications and blocking untrusted XLL add-ins across Microsoft 365 tenants worldwide.

In summary, Microsoft’s announcement signifies the end of the road for VBScript as the company shifts focus towards more advanced and secure scripting languages like JavaScript and PowerShell. The deprecation plan reflects a strategic effort to enhance security and protect users from malware attacks.

Full Article