The exploit popular earlier were Visual Basic Script (VBS) worms. What is VBS? Let's see what Microsoft says:

Microsoft® Visual Basic® Scripting Edition, a subset of the Microsoft Visual Basic programming language, is a fast, portable, lightweight interpreter for use in World Wide Web browsers and other applications that use Microsoft ActiveX® Controls, Automation servers, and Java applets.

Basically, think about VBScript as a super batch language. VBScript is an interpreted language (so scripts are really the source code for whatever needs to be done). Scripts can be embedded into such things as Web pages or can be standalone files (with the extension .VBS usually).

If you've got Microsoft's Internet Explorer 5 (or later) browser on your system it's likely you also have the Windows Scripting Host (WSH) which is the program used to interpret and run VBS scripts.

Even though VBScript is a scaled down language it is quite capable and can be used to, for example, connect to Microsoft's Outlook mail routines and send files to anyone in your address book. This, of course, makes it possible for VBScript to be a language used by worms to spread themselves.

VBScript can be disabled on your system. We have a page that tells you how to do this if you wish. [Update for XP and Vista]

[Mention NoScript add-on to Firefox]

Summary

• VBScript is a language that can easily be used to create worms that send themselves and possibly files from your computer to others on the Internet.
• Consider turning scripting off to prevent your accidentally running a malicious script.

What Viruses Infect
Source Code	Screensavers