I've updated this for OneNote 2016 and OneNote 2016 (other versions don't seem to need extra protections). Thanks @enigma0x3 !
-
-
Show this thread
-
Note that the OneNote protection is pretty heavy-handed, as it looks to disable all embedded objects.
Show this thread
End of conversation
New conversation -
-
-
The Windows 10 ASR feature (set D4F940AB-401B-4EFC-AADC-AD5F3C50688A to 1) also blocks attacks across the board. https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction …pic.twitter.com/uemBS2WmiK
Show this thread -
Except apparently ASR doesn't apply towards Outlook! The Outlook vector that
@GossiTheDog described still works with ASR enabled. Sigh...pic.twitter.com/yVl1QajRkv
Show this thread
End of conversation
New conversation -
-
-
Did you test the Excel keys? I’ve not found them in the documentation.
-
Yes, I tested each. Documentation is sparse. I wanted to include Office 2007, but there isn't a discrete reg value for the pref change.
- 4 more replies
New conversation -
-
-
I pushed out GPO “Ignore Other Applications”, and now users can’t double-click to open xlsx files. MS KB says Excel uses dde to OPEN DOCS!!
-
I've confirmed this (quite silly) behavior. The "other applications" preference in Excel for DDE includes excel.exe itself!
- 2 more replies
New conversation -
-
-
Thanks for putting this together -- one question. Is it correct to assume that this will help with attachments, but not calendar invites?
-
Incorrect. It blocks any form of a DDE attack I've seen, including rich text emails, calendar invites, and task reminders.
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.