Malwarebytes has found a new technique to distribute malware via Office documents does not involve exploits. Microsoft is not going to fix it, at least for the time being, says researcher Matt Nelson. The technique circumvents the current protection settings and even Microsofts new Attack Surface Reduction technology. The latest attack uses a specially-crafted settings file to trick a user to run malicious code without any further warning or notification. The file format, specific to Windows 10 called.SettingContent.ms, is essentially XML code that is used to create shortcuts to the Control Panel.”]