Kaspersky Security 11.x for Windows Server

About the Script Monitoring task

June 10, 2022

ID 151174

When the Script Monitoring task is running, Kaspersky Security for Windows Server controls the execution of scripts created using Microsoft Windows scripting technologies (Active Scripting) such as VBScript or JScript®. The application can also process PowerShell™ scripts and scripts run in the Microsoft Office applications on operating systems with the Antimalware Scan Interface (AMSI) installed. You can allow or block execution of a script that has been found to be dangerous or probably dangerous. If Kaspersky Security for Windows Server identifies a script as potentially dangerous, it blocks or allows execution of the script according to your selected action. If the Block action is selected, the application allows script execution only if a script has been found to be safe.

Starting with Microsoft Windows Server 2016, Kaspersky Security for Windows Server supports the Antimalware Scan Interface (AMSI). AMSI allows applications and services to integrate with any antimalware application installed on a device, so that all executed scripts are intercepted and scanned by that antimalware application.

By default, the Script Monitoring component is not installed on the protected device as part of the application. When the Script Monitoring component is installed, the application is registered as an AMSI provider and starts to monitor executed scripts.
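One way to confirm the provider registration described above on a protected device, as an added example that is not part of the Kaspersky documentation: the script lists the AMSI providers registered under the standard Windows registry key and reports the signer of each provider DLL. The function name `Get-AmsiProvider` and the `Kaspersky` signer-name match are assumptions for illustration; the page does not give the provider's CLSID or DLL path.

```powershell
# Added example: enumerate the AMSI providers registered on this device.
# Uses the standard Windows AMSI and COM registration keys; run in an elevated 64-bit session.
function Get-AmsiProvider {
    [CmdletBinding()]
    param(
        # Assumption: the vendor name appears in the signer subject of the provider DLL.
        [string]$VendorPattern = 'Kaspersky'
    )

    $providersKey = 'HKLM:\SOFTWARE\Microsoft\AMSI\Providers'
    if (-not (Test-Path -LiteralPath $providersKey)) {
        Write-Warning 'AMSI provider key not found; this OS may not support AMSI.'
        return
    }

    foreach ($key in Get-ChildItem -LiteralPath $providersKey) {
        $clsid  = $key.PSChildName
        $inproc = "HKLM:\SOFTWARE\Classes\CLSID\$clsid\InprocServer32"
        $dll = $null; $status = 'NotRegistered'; $signer = $null

        if (Test-Path -LiteralPath $inproc) {
            # The default value of InprocServer32 holds the provider DLL path.
            $dll = [string](Get-Item -LiteralPath $inproc).GetValue('')
            $dll = $dll.Trim('"')
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                $sig    = Get-AuthenticodeSignature -LiteralPath $dll
                $status = [string]$sig.Status
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            } else {
                # Registration points at a file that is not on disk.
                $status = 'DllMissing'
            }
        }

        [pscustomobject]@{
            Clsid           = $clsid
            Dll             = $dll
            SignatureStatus = $status
            Signer          = $signer
            MatchesVendor   = [bool]($signer -match $VendorPattern)
        }
    }
}

Get-AmsiProvider | Format-List
```

A row with `MatchesVendor` set to `True` and `SignatureStatus` of `Valid` indicates the component is installed and registered; no such row after installation, or a `DllMissing` status, is worth investigating before relying on script monitoring.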

On devices running operating systems that do not support the AMSI feature, this component may be incompatible with some third-party applications installed on the protected device. In this case, monitoring third-party scripts can cause the scripts to malfunction. We recommend that you either not use such third-party applications or disable the Script Monitoring task. If the task is disabled, security risks associated with script execution increase.

If you want to use the Script Monitoring component, you must manually select it in the list of installed components during installation of Kaspersky Security for Windows Server. By default, if the component is installed, the Script Monitoring task is automatically started when Kaspersky Security for Windows Server starts.

You can find more information about AMSI functionality on the Microsoft Windows website.

You can configure the Script Monitoring task settings.
