- Login to the Malwarebytes web console.
- Go under the Settings category on the left and choose Policies.
- Create a new, separate policy and edit it to match your standard policy.
- Go inside the policy under the Settings tab - see attach1.png
- Scroll down to the Real-Time Protection section and click Advanced Settings - attach2.png
- This will open a box labeled Anti-Exploit Settings. Go to the Application Behavior Protection tab and uncheck the Protection for Office VBA7 abuse as shown - attach3.png
- Click OK, then scroll all the way back to the top and click SAVE.
- Next go to Settings, Groups on the left column.
- Create a new group and label it in a way to identify the workstations needing this adjustment.
- Under Policy Name select the new policy you just created.
- Next go to Endpoints, Manage Endpoints and use the filters to find the workstations with the issue.
- Check next to each workstation and click the Move button followed by selecting your newly created group - attach4.png
- Your workstations should now be in their new group with the new policy applied. By creating a separate group and policy this will not relax any restrictions on the rest of your workstations and only those requiring this adjustment.
- Policy application should be within moments but sometimes rebooting can expedite the process.
- attach1.png60 KB
- attach2.png20 KB
- attach3.png40 KB
- attach4.png50 KB
Updated