Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 991531" data-attributes="member: 32260"><p>If one uses complex documents that require macros, DDE, updating data from remote locations (like the Internet or remote shares), etc., then the DocumentsAntiExploit (DAE) protection will show the Partial or OFF setting. This means that DAE cannot cover some important attack vectors anymore, and the H_C Recommended_Settings alone will be insufficient. One has to use a Strict_Recommended_Settings with additionally blocked Sponsors or use Defender with ASR rules. People who can afford to spend some money can consider buying a subscription that includes Application Guard for MS Office.</p><p></p><p>Using Defender with ASR rules + H_C Recommended_Settings can probably cover 99% of attack vectors even when DocumentAntiExploit settings are OFF. But when using complex documents and Outlook, some ASR rules have to be disabled or weakened by exclusions, and the protection is not so great anymore.</p><p></p><p>In the case when one has to use MS Office and allow macros, or other potentially dangerous features (DAE Partial or OFF setting), my advice is to avoid using MS Office for document viewing and be very careful when opening documents for editing. This will significantly lower the possibility of infection. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p></blockquote><p></p>
[QUOTE="Andy Ful, post: 991531, member: 32260"] If one uses complex documents that require macros, DDE, updating data from remote locations (like the Internet or remote shares), etc., then the DocumentsAntiExploit (DAE) protection will show the Partial or OFF setting. This means that DAE cannot cover some important attack vectors anymore, and the H_C Recommended_Settings alone will be insufficient. One has to use a Strict_Recommended_Settings with additionally blocked Sponsors or use Defender with ASR rules. People who can afford to spend some money can consider buying a subscription that includes Application Guard for MS Office. Using Defender with ASR rules + H_C Recommended_Settings can probably cover 99% of attack vectors even when DocumentAntiExploit settings are OFF. But when using complex documents and Outlook, some ASR rules have to be disabled or weakened by exclusions, and the protection is not so great anymore. In the case when one has to use MS Office and allow macros, or other potentially dangerous features (DAE Partial or OFF setting), my advice is to avoid using MS Office for document viewing and be very careful when opening documents for editing. This will significantly lower the possibility of infection. (y) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
