News

For protection against hackers’ attacks, VBScript in Windows 7 and 8 will be disabled

As part of the August Update Tuesday, on August 13, 2019, Microsoft will by default disable VBScript in Internet Explorer 11. Researchers explain this by the fact that attackers too often exploit vulnerabilities in this script engine.

Disabling will automatically happen with the release of cumulative updates for Windows 7, 8 and 8.1. VBScript in Windows 7 and 8 will be disabled by default.

“The change to disable VBScript will take effect in the upcoming cumulative updates for Windows 7, 8, and 8.1 on August 13th, 2019. VBScript will be disabled by default for Internet Explorer 11 and WebOCs for Internet and Untrusted zones on all platforms running Internet Explorer 11. This change is effective for Internet Explorer 11 on Windows 10 as of the July 9th, 2019 cumulative updates”, — report in Microsoft.

Read also: New Hexane Cyber Group Attacks Middle East Industrial Enterprises

It is worth reminding that in Windows 10 the problematic engine was disabled last month, and in general is implemented policy of gradual rejection of VBScript, which was first introduced in 1996.

“In early 2017, we began the process of disabling VBScript in Internet Explorer 11 to give the world the opportunity to prepare for it to be disabled by default”, — explains Brent Mills, Senior Program Manager in Microsoft.

However, if VBScript is still necessary, for example, to ensure work of an old site, the outdated engine can still be turned on manually (through the registry and group policies). Nevertheless, Microsoft experts strongly recommend to stop doing this and advise cessation of exploiting VBScript for all websites at all as soon as possible.

It is worth noting that VBScript has been used in hacker attacks since the long bygone times of the legendary worm I Love You (2000). Interestingly, today North Korean hack groups are actively exploiting vulnerabilities in the script engine.
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button