In the mid-year report, X-Force conveyed that the use of Visual Basic Script or
VBScript with Web browser exploitation was three percent. Visual Basic Script
is an older language native to the Internet Explorer browser. Other browsers
such as Firefox, Opera, Chrome and Safari do not support this script language
although they are targeted by attackers far less frequently due to market share.
During the second half of 2008, VBScript utilization towards exploitation of IE
increased on a per-site basis by 562%. Thus, while VBScript is still utilized by
a small number overall, its increase indicates a potential trend. One possible
explanation is that most detection solutions only support JavaScript analysis
and therefore it is a form of obfuscation.

Please Please Please, release the VBScript Grammar!