Thanks for the quick reply Pedro! You are correct. The add-in is a third party add-in through a product by Oracle called BIPublisher. I think it is this product, specifically: http://www.peoplesoftpages.com/installation-of-peoplesoft-bi-publisher-xml-publisher/ I will get with this user and see if there is any way to run this script outside of word and not using a macro. I am in agreement with you that this type of word behavior is frowned upon and should be discouraged. Especially in light of all the attack vectors that take place using these sort of external commands via macros.
Hi guys, So we have an interesting problem we are trying to figure out how to fix. We have a few users that run an external script in Microsoft Word and the only way to allow this script with anti-exploit running is to unshield Word in anti-exploit. I’d hate to have to disable the Microsoft word shield altogether. here's the alert: "2016-11-16T16:09:26.690-05:00";"userA1111";"2056";"C:\ProgramData\Oracle\Java\javapath\javaw.exe";"9424";"WINWORD.EXE";"3";"701";"207";"";"";"";"";"";"";"C:\windows\SYSTEM32\cmd.exe \C FOR %a In (C:\Users\userA1111\AppData\Local\Oracle\BIPublisher\