[arboghast]

Macros are less commonly used as an attack vector for initial access nowadays. Sure they’ll make it harder for macros, but still is possible to run a one-click attack by attaching a js, jse, hta, paf, ws, wsf, scr, etc. to an email.

[technion]

Allow me to reference my own workaround for those vectors:

https://github.com/technion/open_safety

[arboghast]

That’s pretty clever. I like it.

[technion]

Appreciated!

[stevemk14ebr]

I work in security - your statement is incorrect. Its fairly common.