Jump to content

Anti-Exploit detection blocking Excel files


Recommended Posts


I had a user having Anti-Exploit blocking Excel files pulled from our network shared drive.        

Exploit attempt blocked BLOCK......................Microsoft Office Excel    C:\Program Files\Microsoft Office\Office16\EXCEL.EXE   Attacked application: C:\Program Files\Microsoft Office\Office16\EXCEL.EXE; Parent process name: explorer.exe; Layer: Application Behavior Protection; API ID: 301; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra:

This behavior start happening yesterday and the user was not able to work, is there a reason why suddenly Anti-Exploit blocked all these files?

Thank you


Link to post
Share on other sites

  • Staff

Hi leobando,

Can you restore to default settings by following the instructions as in the screenshots below. Thank you.


Apart from this please also ensure that the following setting is unchecked


After the above 2 steps if the block still occurs, please uncheck the following setting




Link to post
Share on other sites

Hi Arthi,

I've just changed the settings as you described


Do you have an idea what it was triggering the blocking? How bad is it to have that setting turned off?

I also see my Protection for MessageBox payload is turned off by default, should I turn it on?

Thank you

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.