Word is being blocked.

[RickF-]

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 9/20/21
Protection Event Time: 11:09 AM
Log File: c789b8ba-1a24-11ec-8e53-3cecef87a136.json

-Software Information-
Version: 4.4.6.132
Components Version: 1.0.1453
Update Package Version: 1.0.45150
License: Premium

-System Information-
OS: Windows 10 (Build 19042.1237)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, ComSpec=C:\windows\system32\cmd.exe, Blocked, 0, 392684, 0.0.0, , 

-Exploit Data-
Affected Application: Microsoft Office Word
Protection Layer: Application Behavior Protection
Protection Technique: Exploit Office WMI abuse blocked
File Name: ComSpec=C:\windows\system32\cmd.exe
URL: 

(end)

 

 

I think this is false positive? How to fix?

[AdvancedSetup]

Hello @RickF-

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

• Download the Malwarebytes Support Tool
• In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
• In the User Account Control pop-up window, click Yes to continue the installation
• Run the MBST Support Tool
• In the left navigation pane of the Malwarebytes Support Tool, click Advanced
• In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
• A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

[Porthos]

1 hour ago, RickF- said:

Protection Technique: Exploit Office WMI abuse blocked

Uncheck the following in advanced exploit settings and click apply.