Exploit.OfficeWMIAbuse

Short bio

Exploit.OfficeWMIAbuse is Malwarebytes' detection name for attempts at malicious usage of Windows Management Instrumentation (WMI) by macro exploits. 

Technique

Exploit.OfficeWMIAbuse monitors, detects, and blocks attempts at malicious usage of WMI by macro exploits. WMI is the infrastructure for management data and operations on Windows-based operating systems. WMI allows scripting languages (such as VBScript or Windows PowerShell) to manage Microsoft Windows personal computers and servers, both locally and remotely. A macro is a set of commands that application users group together and save, so they can execute it with a single command or keystroke. 

Protection

Malwarebytes protects your system(s) by detecting malicious usage of WMI by macro exploits
Office WMI abuse blocked
Exploit Office WMI abuse blocked

Related blog content

Anti-exploit settings in Malwarebytes Nebula

What is Exploit Protection

Microsoft takes macros out of the equation for five Office apps

Select your language

New Buy Online Partner Icon Warning Icon