- Dec 23, 2014
- 8,593
Those Attack surface reduction rules should stop most malicious documents from loading payloads, because macros mostly use system executables (cmd.exe, powershell.exe, wscript.exe, bitsadmin.exe,...) to do it.I was also testing but with some hard tweaks in GPU + some Attack surface reduction settings from HERE
Protection was not so bad but it was just quick test and I didn't check OS with 3rd party app.
I am curious how they can fight other document vulnerabilities.