As part of the August Update Tuesday, on August 13, 2019, Microsoft will by default disable VBScript in Internet Explorer 11. Researchers explain this by the fact that attackers too often exploit vulnerabilities in this script engine.
Disabling will automatically happen with the release of cumulative updates for Windows 7, 8 and 8.1. VBScript in Windows 7 and 8 will be disabled by default.“The change to disable VBScript will take effect in the upcoming cumulative updates for Windows 7, 8, and 8.1 on August 13th, 2019. VBScript will be disabled by default for Internet Explorer 11 and WebOCs for Internet and Untrusted zones on all platforms running Internet Explorer 11. This change is effective for Internet Explorer 11 on Windows 10 as of the July 9th, 2019 cumulative updates”, — report in Microsoft.
Read also: New Hexane Cyber Group Attacks Middle East Industrial Enterprises
It is worth reminding that in Windows 10 the problematic engine was disabled last month, and in general is implemented policy of gradual rejection of VBScript, which was first introduced in 1996.
“In early 2017, we began the process of disabling VBScript in Internet Explorer 11 to give the world the opportunity to prepare for it to be disabled by default”, — explains Brent Mills, Senior Program Manager in Microsoft.
However, if VBScript is still necessary, for example, to ensure work of an old site, the outdated engine can still be turned on manually (through the registry and group policies). Nevertheless, Microsoft experts strongly recommend to stop doing this and advise cessation of exploiting VBScript for all websites at all as soon as possible.
User Review
( votes)
