Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 768559" data-attributes="member: 32260"><p>Yes, except the above system-wide entries, in the actual version 4.0.0.0 on Administrator type of account, there are many other registry entries for hardening MS Office. They are related to the below registry keys (non-system-wide, the asterisk means the version 12.0, 14.0, 15.0, 16.0):</p><p>HKCU\Software\Microsoft\Office\*\Word\Security</p><p>HKCU\Software\Microsoft\Office\*\Word\Options</p><p>HKCU\Software\Microsoft\Office\*\Word\Options\WordMail</p><p>HKCU\Software\Microsoft\Office\*\Excel\Security</p><p>HKCU\Software\Microsoft\Office\*\Excel\Options</p><p>HKCU\Software\Microsoft\Office\*\PowerPoint\Security</p><p>HKCU\Software\Microsoft\Office\*\OneNote\Options</p><p>HKCU\Software\Microsoft\Office\Common\Security</p><p></p><p>There are also many entries (system-wide and non-system-wide for Adobe Acrobat Reader XI and DC).</p><p>But for MS Office on SUA, only the system-wide VBAOFF entry is applied.</p><p></p><p>In the new version 4.0.0.1 the system-wide entries will be configured by Hard_Configurator, and those entries for MS Office and Adobe Acrobat Reader XI/DC can be supported by WD ASR rules (also system wide) and default-deny SRP to apply the strong security against weaponized documents opened by MS Office and Adobe Acrobat Reader XI/DC.</p><p>If one cannot apply ASR then it is possible to use DocumentsAntiExploit tool (from SwitchDefaultDeny application) to apply the above and some additional entries in HKCU Hive. They are not system wide, so the settings can be different on different accounts.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 768559, member: 32260"] Yes, except the above system-wide entries, in the actual version 4.0.0.0 on Administrator type of account, there are many other registry entries for hardening MS Office. They are related to the below registry keys (non-system-wide, the asterisk means the version 12.0, 14.0, 15.0, 16.0): HKCU\Software\Microsoft\Office\*\Word\Security HKCU\Software\Microsoft\Office\*\Word\Options HKCU\Software\Microsoft\Office\*\Word\Options\WordMail HKCU\Software\Microsoft\Office\*\Excel\Security HKCU\Software\Microsoft\Office\*\Excel\Options HKCU\Software\Microsoft\Office\*\PowerPoint\Security HKCU\Software\Microsoft\Office\*\OneNote\Options HKCU\Software\Microsoft\Office\Common\Security There are also many entries (system-wide and non-system-wide for Adobe Acrobat Reader XI and DC). But for MS Office on SUA, only the system-wide VBAOFF entry is applied. In the new version 4.0.0.1 the system-wide entries will be configured by Hard_Configurator, and those entries for MS Office and Adobe Acrobat Reader XI/DC can be supported by WD ASR rules (also system wide) and default-deny SRP to apply the strong security against weaponized documents opened by MS Office and Adobe Acrobat Reader XI/DC. If one cannot apply ASR then it is possible to use DocumentsAntiExploit tool (from SwitchDefaultDeny application) to apply the above and some additional entries in HKCU Hive. They are not system wide, so the settings can be different on different accounts. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
