Windows Defender Detects Malicious Macros in Real Time
We are seeing an increasing trend of Microsoft Office files being used as Trojans that download malicious payloads through legitimate features such as VB macros.
If you are running Windows Defender as your default AV, check out this video showing how Defender uses its client-side ML together with AMSI to detect a malicious VB macro and block it in real time.
This feature doesn’t require any definition.
Let me know what you think.
Cheers