My customer got back to me:
"
As I thought, the "Application Hardening" options were left as-is, i.e. I have not changed the defaults. Here is a screenshot from before I clicked "Restore Defaults", followed by the same options screen after clicking "Restore Defaults" and "Apply"
<SEE ATTACHED SCREENSHOT>
No change, no difference.
And here is a log of the actual block event:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 2/8/23
Protection Event Time: 8:15 PM
Log File: 18c770e6-a791-11ed-bd2b-d8bbc14ee46c.json
-Software Information-
Version: 4.5.21.231
Components Version: 1.0.1890
Update Package Version: 1.0.65440
License: Premium
-System Information-
OS: Windows 11 (Build 22621.1194)
CPU: x64
File System: NTFS
User: System
-Exploit Details-
File: 0
(No malicious items detected)
Exploit: 1
Exploit.HeapMemoryCodeExecution, , Blocked, 0, 392684, 0.0.0, ,
-Exploit Data-
Affected Application: Microsoft Office Excel
Protection Layer: Malicious Memory Protection
Protection Technique: Exploit code executing from Heap memory blocked
File Name:
URL: https://jkp-ads.com/downloa/downloadscript.asp?filename=RefTreeAnalyserXL.xlam
"