Stopping attacks that use SLK files

Published Feb 15 2018 05:12 PM 1,621 Views

New attacks that hide behind SLK or symbolic link files to launch malicious content from Excel are handily caught by Windows Defender ATP as malicious behavior. Yes, we flag bad behaviors, .slk or otherwise.

To block attacks that use SLK with DDE, disable DDE and turn on Attack surface reduction in Windows Defender Exploit Guard.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Products (52)

Special Topics (29)

Video Hub (447)

Most Active Hubs

Most Active Hubs

Video Hub

Stopping attacks that use SLK files