In Windows RT on a Surface tablet, I'm running a VB script that fails on the first line which is:
Set WshShell = WScript.CreateObject("WScript.Shell")
The error message says:
Could not create object WScript.Shell with the error code: 80070005
This seems to be a generic error code having to do with access permissions. Any ideas?
I am running with admin privileges.
Windows RT (also known as Windows 8 RT, Windows 8.1 RT, and Surface RT) uses User Mode Code Integrity (UMCI) to restrict the software that is allowed to run.
In the case of VBScript, the Code Integrity component of UMCI only allows creation of "enlightened" COM objects.
"Which COM objects are enlightened?" you ask. Good question. Let's use PowerShell on our Windows RT device to help us find out.
$arrInstances = @(Get-WMIObject -ClassName 'Win32_COMSetting')
$arrCOMObjectProgIDs = @($arrInstances | Where-Object { $null -ne $_.ProgId } |
ForEach-Object { $_.ProgId })
$ErrorActionPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
$result = @($arrCOMObjectProgIDs | ForEach-Object { if (New-Object -ComObject $_) { $_ } })
$result
On my fully-patched Surface 2 device, as of today, 2021-Jan-17, the only enlightened COM objects with a ProgID (i.e., the only ones callable from VBScript on Windows RT) are:
It is not possible to create other VBScript objects (e.g., WScript.Shell, WScript.Network, WinNTSystemInfo, Wbemscripting.SWbemLocator, etc.) on Windows RT due to User Mode Code Integrity (UMCI).
For a more-robust version of the above code, check out my script "Get-COMObjectsProgIDsAllowedToLaunch.ps1" posted to my GitHub repo: https://github.com/franklesniak/PowerShell_Resources
I've seen in a few places people commenting that RT doesn't allow VBScript to run WScript.Shell, though I've not found any official documentation to that effect.
It may just be that the script needs to run with Admin privileges.
