- Apr 24, 2016
@Andy Ful What is the latest version of the Documents Anti-Exploit tool?Yes, it will prevent running the Excel 4.0 macros. DocumentsAntiExploit tool applies several restrictions and can be used when Defender is not configured with advanced settings or when another AV is used. The user has to use DocumentsAntiExploit on each account, because configuring the restrictions for one particular user does not have an impact to other user accounts.
In MS Office, the below settings are applied (valid up to MS Office 2019):
In Adobe Acrobat Reader XI/DC, the below settings are applied :
- Disabled Macros in MS Office XP and MS Office 2003+ (Word, Excel, PowerPoint, Access, Publisher, Outlook).
- Disabled Access to Visual Basic Object Model (VBOM) in MS Office 2007+ (Access, Excel, PowerPoint, and Word).
- Disabled DDE in Word 2007+ (requires Windows Updates pushed in January 2018, see Microsoft Security Advisory ADV170021).
- Disabled auto-update for any linked fields (including DDE and OLE) in Word 2007+, Excel 2007+, Outlook 2007+, One Note 2013+.
- Disabled ActiveX in MS Office 2007+.
- Disabled OLE in MS Office 2007+ (Word, Excel, PowerPoint).
- Disabled ‘Run Programs’ option for action buttons in PowerPoint 2007+.
- Disabled automatic download of linked images in PowerPoint 2007+.
- Disabled TrustBar notifications in MS Office 2007+.
- The dangerous features in Adobe Acrobat Reader DC on Windows 8.1/10 can be silently mitigated in AppContainer.
- The dangerous features in Adobe Acrobat Reader XI/DC can be blocked with the ‘Yellow Message Bar’ (the user can allow them).
- The restrictions apply to the current account and overwrite native settings in Adobe Acrobat Reader XI/DC.
- The user can apply different restrictions on different accounts.