Saturday, June 15, 2024

Microsoft Replacing VBScript With JavaScript & PowerShell

Microsoft has shifted its scripting options for web development and task automation.

The company is replacing VBScript with more advanced alternatives such as JavaScript and PowerShell to provide users with the most modern and efficient tools.

This article explores what VBScript deprecation means for users and how they can prepare for the transition.

Visual Basic Scripting Edition, commonly known as VBScript, is a lightweight scripting language introduced by Microsoft in 1996.

It has been widely used for automating tasks and controlling applications on Windows-based systems.

ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service

VBScript is often embedded within HTML pages to add dynamic interactivity and functionality and is commonly used with Microsoft technologies like Active Server Pages (ASP) and Windows Script Host (WSH).

Why is VBScript Deprecated?

Over the years, technology has evolved, developing more powerful and versatile scripting languages such as JavaScript and PowerShell.

These languages offer broader capabilities and are better suited for modern web development and automation tasks.

Deprecation is a stage in the product lifecycle when a feature or functionality is no longer in active development and may be removed in future releases.

It’s a gradual process that can span months or years.

The deprecated feature will typically continue to work and be fully supported until it is officially removed.

Removing a deprecated component helps reduce complexity while keeping users secure and productive.

VBScript Deprecation Plan

Given the decline in VBScript usage in favor of more modern web technologies, Microsoft has developed a phased deprecation plan for VBScript.

A visual timeline of important dates for VBScript deprecation phases.
A visual timeline of important dates for VBScript deprecation phases.

Here is the timeline of these changes:

Phase 1

In the first phase, VBScript Features on Demand (FODs) will be pre-installed by default in all Windows 11, version 24H2, and later.

This ensures that experiences are not disrupted if there is a dependency on VBScript while migrating dependencies away from it.

Users can see the VBScript FODs enabled by default at Start > Settings > System > Optional features.

Figure 1Screenshot of Windows System Settings shows VBScript installed under Optional features.
Figure 1Screenshot of Windows System Settings shows VBScript installed under Optional features.

Phase 2

Around 2027, the VBScript FODs will no longer be enabled by default.

Users still relying on VBScript must enable the FODs to prevent application and process problems.

Steps to Enable VBScript FODs:

  1. Go to Start > Settings > System > Optional features.
  2. Select “View features” next to the “Add an Optional feature” option at the top.
  3. Type “VBSCRIPT” in the search dialog and select the checkbox next to the result.
  4. Press “Next” to enable the disabled feature.
Screenshot of a dialog box for adding an optional feature with a checkbox next to VBScript.
Screenshot of a dialog box for adding an optional feature with a checkbox next to VBScript.

Phase 3

VBScript will be retired and eliminated from future versions of Windows.

VBScript’s dynamic link libraries (.dll files) will be removed, causing projects that rely on it to stop functioning.

By then, users are expected to have switched to suggested alternatives.

VBA Projects That Use VBScript

Visual Basic for Applications (VBA) allows users to automate repetitive tasks and customize functionalities within the Microsoft Office suite.

Currently, VBScript can be used in VBA for two scenarios:

  1. Calling a .vbs script directly from VBA.
  2. VBScript is a typelib reference (such as VBScript regular expression) in VBA.

Users can continue using existing solutions if their VBA projects involve these scenarios, as Phase 1 won’t affect them.

However, future phases will, so staying updated on new developments is essential.

Microsoft recommends migrating to PowerShell if:

  • Your websites or applications depend on VBScript to automate tasks.
  • You use VBScript custom actions as a feature in installer packages.

In these cases, migrating to PowerShell is advisable.

For web pages, Microsoft recommends migrating to JavaScript before Phase 2.

JavaScript offers cross-browser compatibility, working seamlessly across modern browsers such as Microsoft Edge, Mozilla Firefox, Google Chrome, and Apple Safari.

Notably, these browsers have never implemented support for VBScript.

If your webpage functions properly across these modern browsers, VBScript isn’t involved, and its deprecation won’t affect you.

The deprecation of VBScript marks a significant shift towards more modern and efficient scripting options.

By transitioning to JavaScript and PowerShell, users can ensure their applications and web pages remain functional and secure in the evolving technological landscape.

Stay informed and proactive to make the transition as smooth as possible.

Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers


Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles