Anti-Exploit's protection is blocking Visual Basic 6

Document created by aprobert Employee on Jun 5, 2018Last modified by rsullinger on Jun 29, 2018
Version 7Show Document
  • View in full screen mode

Malwarebytes' Anti-Exploit protection hooks into browsers to monitor for the launching of VBscript interpreters with a generic detection and block all VBscript invocations.

This is consistent with Microsoft’s statement that “VBScript is deprecated in Internet Explorer and is not executed for webpages displayed in IE11 mode”.  Refer to Disabling VBScript execution in Internet Explorer 11.

 

Microsoft recommends the use of JavaScript in preference to VBScript and to contact your vendors for plans.


Resolution

If you need to use VBScript for an internal application, the detection can be disabled by going into the advanced settings and disabling this protection. 

 

Cloud Console

To disable this protection in the Cloud console:

 

  1. Log in to the Cloud console.

  2. Go Policy > Windows > Settings and click on the Advanced settings option under Exploit Protection.  

  3. Under the Application Hardening tab, uncheck the Disable Internet Explorer VB Scripting box.

 

Management console

To disable this protection in the Management Console:

 

  1. Log in to the Management Console.

  2. Go to Policy > Anti-Exploit > Advanced ... button in the bottom right.

  3. Under the Application Hardening, uncheck Disable Internet Explorer VB Scripting.

 


To maintain this protection, Microsoft has a new feature to disable VBScript from Internet Zone and Restricted Sites Zone, which can be enabled via registry setting and through group policy object (GPO).  This is documented in KB 4012494, Option to disable VBScript execution in Internet Explorer for Internet Zone and Restricted Sites Zone.

Attachments

    Outcomes