Gone Missing: "Updates & Security" - Replaced by "Delivery Optimizati"

Bree said:

Should we stop using slmgr too?

That's up to the individual.

I no longer use it, since PowerShell can do the same thing.

It's one thing to know the risks, and go with it anyway...that's on you.

It's another thing when users don't know, and are being fed BS about it not being an issue.

DriftyDonn said:

here is an interesting article re: malicious vb scripts.

You can find many articles about Windows malware. Will you stop using Windows because of malware?

Matthew Wai said:

You can find many articles about Windows malware. Will you stop using Windows because of malware?

False logic...it's not either or.

People know that there are precautions they can take against malware and ransomware...and use Windows.

Lots of articles on that as well.

It is a false impression that VBScript cannot be used safely.

From Microsoft -

PowerShell's execution policy is a safety feature that controls the conditions under which PowerShell loads configuration files and runs scripts. This feature helps prevent the execution of malicious scripts.

On a Windows computer you can set an execution policy for the local computer, for the current user, or for a particular session. You can also use a Group Policy setting to set execution policies for computers and users.

VBScript has no execution policy.

Batch script has no execution policy and is commonly used on TenForums.

In the blog post “15 Ways to Bypass the PowerShell Execution Policy,” Scott outlines the different ways an attacker or malicious software can bypass this feature.

The PowerShell execution policy is the setting that determines which type of PowerShell scripts (if any) can be run on the systems. By default, it is set to “Restricted.“ While this setting is not meant to be a security control, it is used often by attackers and malicious software to execute code on a system without having administrative-level access.

Source: Analysis of a Threat: PowerShell Malicious Activity - Blumira

Execution policy is a speed bump to protect users from some crap script that they downloaded that causes malicious activity.

VBScript has nothing to bypass.

"System security" is another discussion entirely.

Changing the argument doesn't change the facts about VBScript.

The fact is that both PowerShell and VBScript are targeted by malware, and the former is more likely to be so.

Matthew Wai said:

The fact is that both PowerShell and VBScript are targeted by malware, and the former is more likely to be so.

Sounds like off-the-cuff opinion...more than fact.

But you keep doing you.