New
#21
It is a false impression that VBScript cannot be used safely.
From Microsoft -
PowerShell's execution policy is a safety feature that controls the conditions under which PowerShell loads configuration files and runs scripts. This feature helps prevent the execution of malicious scripts.
On a Windows computer you can set an execution policy for the local computer, for the current user, or for a particular session. You can also use a Group Policy setting to set execution policies for computers and users.
VBScript has no execution policy.
Batch script has no execution policy and is commonly used on TenForums.
In the blog post “15 Ways to Bypass the PowerShell Execution Policy,” Scott outlines the different ways an attacker or malicious software can bypass this feature.
The PowerShell execution policy is the setting that determines which type of PowerShell scripts (if any) can be run on the systems. By default, it is set to “Restricted.“ While this setting is not meant to be a security control, it is used often by attackers and malicious software to execute code on a system without having administrative-level access.
Source: Analysis of a Threat: PowerShell Malicious Activity - Blumira
Execution policy is a speed bump to protect users from some crap script that they downloaded that causes malicious activity.
VBScript has nothing to bypass.
"System security" is another discussion entirely.
Changing the argument doesn't change the facts about VBScript.
The fact is that both PowerShell and VBScript are targeted by malware, and the former is more likely to be so.