Information
This rule prevents scripts from launching potentially malicious downloaded content. Malware written in JavaScript or VBScript often acts as a downloader to fetch and launch other malware from the Internet. Although not common, line-of-business applications sometimes use scripts to download and launch installers.
The recommended state for this setting is: Block
Attack surface reduction helps prevent actions and apps that are typically used by exploit-seeking malware to infect machines.
Solution
To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to Block
Defender\Block Office applications from creating executable content
Impact:
When a rule is triggered, a notification will be displayed from the Action Center.