Jump to content

Exploit Office WMI abuse blocked latest PowerPoint

amicone

By amicone
in Exploit

 Share

Recommended Posts

amicone

amicone

Posted
Posted

Running latest office 365 PowerPoint update, this is 100% repeatable:

  1. Open a "slide with content" and choose a graph as the content.
  2. Use the edit data item on the graph.
  3. When the chromeless excel window opens with some sample data, attempt to edit a line.
  4. Malwarebytes kills Powerpoint for Office WMI abuse.

I know I can just turn off Office WMI support or turn off malware protection temporarily, but turning off security to perform routine computing tasks is something I try to avoid.

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
6 minutes ago, amicone said:

I know I can just turn off Office WMI support or turn off malware protection temporarily, but turning off security to perform routine computing tasks is something I try to avoid.

Did you enable Penetration testing in advanced exploit settings?

image.png.6c1222d130a80ef4b5a32517b4b0f620.png

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.