Windows Defender Detects Malicious Macros in Real time.

We are seeing an increasing trend of Microsoft office files are being used as Trojans to download malicious payloads by using legitimate features like VB Macros.

If you are running Windows Defender as your default AV, check out this video as how Defender uses its client side ML with AMSI to detect malicous VB macro and blocks it in real time.

This feature doesn’t require any definition.

let me know what you think.

Cheers