Microsoft started retirement process of VBScript

After 28 years, VBScript deprecation has started

Microsoft begins the removal process of VBScript

Microsoft announced its plan to phase out VBScript (Visual Basic Script) starting in the second half of 2024. VBScript, introduced in 1996, has been a core component of Windows, used mainly for automation tasks and web development. It allowed users to create interactive web pages and automate tasks through Internet Explorer.

However, over the years, more advanced scripting languages like JavaScript and PowerShell have emerged, offering better capabilities for modern tasks. This transition is part of Microsoft's broader strategy to enhance security and efficiency in its operating systems. In the publication released by Microsoft, it was stated:[1]

Scripting options for web development and task automation are modernizing. To provide you with the most modern and efficient options, we are replacing VBScript with more advanced alternatives such as JavaScript and PowerShell.

Microsoft says that PowerShell and JavaScript should replace VBScript eventually

The deprecation of VBScript will occur in three distinct phases. The first phase begins in the second half of 2024, where VBScript will be available as an on-demand feature in Windows 11 24H2, which was recently released on the Preview Channel.[2] Users will need to install it if needed, as it will no longer be a default component. This change will be part of the new OS release slated for later this year.

The second phase is expected to start around 2027. During this phase, VBScript will still be available but only as an optional feature. It will not be pre-installed on new systems, signaling a move towards its complete removal. By then, users are expected to have transitioned to alternative scripting languages like JavaScript or PowerShell.

In the third and final phase, VBScript will be entirely removed from future versions of Windows. All related dynamic link libraries (.dll files) will be eliminated, and any projects relying on VBScript will cease to function. This complete retirement will ensure a transition to more secure and efficient scripting languages. Microsoft has emphasized that this phase will remove all VBScript components, thereby improving system security and performance.

Numerous cybercrime groups used VBScript to infect computers with malware

Microsoft's decision to discontinue VBScript is driven by several factors. Firstly, modern scripting languages like JavaScript and PowerShell offer broader capabilities and are better suited for today's web development and automation needs. These languages provide more power, versatility, and efficiency compared to the older VBScript, making them ideal for modern computing environments.

Secondly, the move aims to enhance security. VBScript has been used by attackers in various malware campaigns, delivering strains like Lokibot, Emotet, Qbot, and more recently, DarkGate malware.[3] By discontinuing VBScript, Microsoft reduces the attack surface and potential vulnerabilities in its operating systems.

This effort traces back to 2018 when Microsoft extended support for its Antimalware Scan Interface (AMSI) to Office 365 client applications,[4] curbing attacks that utilized Office VBA macros.

Since then, Microsoft has also disabled Excel 4.0 (XLM) macros, mandated default blocking of VBA Office macros, introduced XLM macro protection, and began blocking untrusted XLL add-ins by default across Microsoft 365 tenants worldwide.

Lastly, this decision is part of a broader effort to modernize Windows and Office features. Microsoft has been updating its security measures and removing features that threat actors use as attack vectors to infect users with malware.

Discontinuing VBScript aligns with these ongoing security enhancements, making the operating system more robust against potential threats. This move also follows recent steps like deprecating NT LAN Manager (NTLM)[5] in favor of Kerberos for authentication, further minimizing the attack surface.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions