New attacks that hide behind SLK or symbolic link files to launch malicious content from Excel are handily caught by Windows Defender ATP as malicious behavior. Yes, we flag bad behaviors, .slk or otherwise.
To block attacks that use SLK with DDE, disable DDE and turn on Attack surface reduction in Windows Defender Exploit Guard.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.