Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

usonian

(14,364 posts)
Thu Oct 12, 2023, 11:44 AM Oct 2023

Microsoft to kill off VBScript in Windows to block malware delivery

https://www.bleepingcomputer.com/news/security/microsoft-to-kill-off-vbscript-in-windows-to-block-malware-delivery/

Microsoft is planning to phase out VBScript in future Windows releases after 30 years of use, making it an on-demand feature until it is removed.

VBScript (also known as Visual Basic Script or Microsoft Visual Basic Scripting Edition) is a programming language similar to Visual Basic or Visual Basic for Applications (VBA) and was introduced almost 30 years ago, in August 1996.

It comes bundled with Internet Explorer (which was killed off by Redmond across some Windows 10 platforms in February), integrates active scripting into Windows environments, and communicates with host applications through Windows Script.



OH MY GOODNESS.
30 years and trillions of dollars (estimated) of damage caused by this attack vector later.

Modern software design tries to containerize apps, and even isolate one browser tab from another.

"The internet's one tough town"
3 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Microsoft to kill off VBScript in Windows to block malware delivery (Original Post) usonian Oct 2023 OP
Malware relies on simple API calls to windows. The_Casual_Observer Oct 2023 #1
Yes, but a popular vector for attacks unc70 Oct 2023 #2
Not so much "design failures" as the necessity of supporting closed source proprietary software. hunter Oct 2023 #3
 

The_Casual_Observer

(27,742 posts)
1. Malware relies on simple API calls to windows.
Thu Oct 12, 2023, 11:51 AM
Oct 2023

VB script is only one of many ways to make those calls.

unc70

(6,329 posts)
2. Yes, but a popular vector for attacks
Thu Oct 12, 2023, 12:32 PM
Oct 2023

Most malware does rely on flaws in Windows and years of design failures. Sloppy, unprofessional, buggy, arcane, clueless, ...

hunter

(39,011 posts)
3. Not so much "design failures" as the necessity of supporting closed source proprietary software.
Fri Oct 13, 2023, 10:20 AM
Oct 2023

Business people will blame Microsoft if some security upgrade breaks proprietary software that they paid a fortune for and use daily. They're less likely to blame the developer of the proprietary software, who may or may not be willing to sell them an "upgrade," if the developer is still around at all.

When a security upgrade breaks something in the open source world someone fixes it, the programs get recompiled, and life goes on. Some software in the various Linux and BSD repositories is truly ancient by computing standards yet it still works the same as it ever did.

Windows can't always work like this. Instead it has to recognize older proprietary software and apply some ugly kludge in the operating system itself to keep the old software running. Eventually the tower of crap collapses and Microsoft is forced to discontinue support entirely for things like VBScript.

The first serious operating system I used was BSD, in the late 'seventies and early eighties. I eventually migrated to Windows, mostly so I could use modern web browsers such as Opera. The last version of Windows I used on my home computers was 98SE. When I quit that for Linux it was like going home again. A lot of the stuff I'd been doing with BSD "just worked," including my finger memory. The stuff that didn't work I could fix myself or, more likely, someone else had already had the same problem and fixed it. I wasn't dependent upon the whims or business models of any proprietary software company or developer to fix it for me.

Latest Discussions»Help & Search»Computer Help and Support»Microsoft to kill off VBS...