- Jul 19, 2018
Hmm, I see. Yet, from the limited knowledge i have, the block rule should block the execution of all suspicious applications(.bat, .ps, etc.) from vulnerable applications(office files, etc.), regardless of file rating. Unless there is an uncommon way to do this. Then, maybe a system wide rule would be more protective. Though I still think simply blocking all unrecognized scripts would be enough to stop this attack chain. The same goes with cruel CFW settings. I would like to try it in the VM to see how it will perform against CFW.In my case I was lazy to put more effort, so you have to execute the bat file. If I were to embed this in a document, you don’t have to do anything else, other then clicking “allow content”. It will automatically do everything else for you. There are many other possible ways to run this code on your machine.