JeanFranoisBotallaGambetta-0774 avatar image
0 Votes"
JeanFranoisBotallaGambetta-0774 asked

Our VSTO add-in is blocked at startup by Windows Defender attack surface reduction rules

Our add-in is developed in .NET C# / VSTO and signed with an up-to-date standard signing certificate.

However we start to have clients complaining about Windows Defender attack surface reduction rules preventing the add-in to start (on Excel startup).
In particular when Excel tries to use a e.g: %localappdata%Temp\2\Deployment\9CNA55QQ.ZA6\WVJ7LGP0.26A.application (the folder is actually random), the rules reject and prompt.

How can we solve this issue, without asking the client to exclude the whole %localappdata%Temp\2\Deployment\ folder from the surface attack rules ?

Should we use an EV signing certificate ?

Is there any others explanations ?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers