Windows Script Host or
Several “HTML malware” have been reported to use WSH objects as a result of which, those who do not require this feature, tend to disable it. But disabling
Windows applications and processes may be automated using a script in Windows Script Host. Viruses and malware could be written to exploit this ability.
VBS scripts are used by malware authors either to cause disruption in an environment or to run a process that will download more advanced malware. The ILOVEYOU VBS malware caused a huge amount of damage back in the early
We can disable them completely by disabling the Windows Script Host engine which is what. VBS files use to run. This can be very much useful for securing your environment against Cryptolocker and Ransomware.
Please follow the steps below in order to strengthen your environment by disabling the Windows Script Host via Group Policy Object:
A. Create a new GPO on the Domain Controller and name it
- Open Group Policy Management Console.
- Expand the forest.
- Click on the domain.
- Right click on the Group Policy Objects and then click on New.
- Enter its name, here I am using SecureEnvironment.
B. Right click on the Group Policy Object (
C. Expand the Computer Configuration and then go to Preferences > Windows Settings > Registry.
D. Right click on Registry and then choose to create New Registry Item.
E. Enter the following as shown in the image and in the Key Path: SOFTWARE\Microsoft\Windows Script Host\Settings
G. Now go to the Group Policy Management Console and right click on the Domain name and choose Link an Existing GPO.
H. Choose the
I. Now that you have linked the GPO to the Domain Level so that it gets applied to all PC’s/Users in the domain.
Latest posts by Vikram (see all)
- Windows 10 not Booting Up after Joining to the Domain - January 9, 2019
- Disable Windows Script Host via Group Policy Object - January 7, 2019
- Disable Macros for all Office Apps via Group Policy Management Console - August 8, 2017