MS Office introduces so many vectors of attack that it is not worthy for the home users, and they can try Libre Office, WPS Office or SoftMaker Office. The real problem may affect the users who have to use MS Office, because of compatibility issues. That can happen, especially with Excel documents, and the user cannot usually disable VBA macros, OLE, AciveX, etc., without breaking advanced Excel features. The Anti-Exploit AV modules are not well tested against weaponized documents (like in the case of Sophos).
I had such problem, because I had to share the documents with many people in work and I had to manage documents also in home.
Generally, there is no easy way to solve the MS Office problem. There are some uneasy solutions for the home users:
- Sandboxed MS Office.
- MS Office in the Virtual Machine.
- SRP + WD ASR (real-time WD required).
- Anti-Exe with not whitelisted system processes but whitelisted command lines with system processes.
There are probably some other like Comodo Firewall (autosandbox), KIS or BIS which have ATP like modules. Some people would choose also HitmanPro Alert. But, such solutions can cause some problems with system stability & compatibility on Windows 10.
