Discussion

Office Plugin Triggering MS Attack Surface Reduction Rule

Laserfiche Version 10

Updated February 4, 2021

posted on February 1, 2021 • Show version history

We noticed that the Laserfiche.OfficeMonitor process is triggering blocks from the MS Attack Surface Reduction Rule in third party plug ins. We have added it to the exclusion list, but was wondering if there is a remedy in the work for this problem. I suspect we'll have to excluding it all over after various updates. Software versions: Office 365, Laserfiche 10.4.2, and Microsoft Defender ATP (or Defender for Endpoint as they’re re-branding it.)

0 0

Comments 2
Follow-Ups 0

replied on February 4, 2021

Hello Bill,

Thank you for reaching out. Our Office Plug-in does start child processes with Laserfiche.OfficeMonitor which is one of the items that Microsoft Defender flags. Adding it to the exclusion list is the best option today. Our team is looking at how we can adapt the plug-in but we don't have a timeline identified or confirmation that there would be a fix at this point.

Apologies for the inconvenience.

2 0

replied on February 3, 2021

Hi Bill,

Thanks for bringing this to our attention. I've passed this post to the product team and they'll reach out if they have any follow-up questions.

Cheers,

Sam

1 0

You are not allowed to follow up in this post.

Discussion

Discussion

Office Plugin Triggering MS Attack Surface Reduction Rule

Comments 2

Follow-Ups 0

Sign in to reply to this post.