Jump to content

Exploit Office WMI Abuse Blocked


FinDude
 Share

Recommended Posts

I agree with OneTime that this is not a good thing.  The exploit indicates that MSWord is trying to run C:\Windows\System32\cmd.exe and that is a command prompt that could allow another program to run.  Turning off this alleged exploit protection would let that CMD run.  I have run several scanners and nothing is coming up.  I also got a safe mode notice on the restart of MSWord.  

I do appreciate Malwarebytes and all that it has stopped and protected me with.  This is either a quirk in the scanner or a real threat and turning off something that is protecting me seems to go against the purpose of both the product and my wishes to be protected.

Until this is resolved as a false positive, I am NOT disabling this feature.  There is a related post at this link and they should be merged. 

 

  • Like 2
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.