New Microsoft Secure Score recommendations

March 2026

New Microsoft Secure Score recommendations

Microsoft Secure Score now includes new recommendations to help organizations proactively prevent common endpoint attack techniques:

• Block outbound network connections from Microsoft HTML Application Host (mshta.exe): Helps mitigate attacks that leverage mshta.exe (a trusted Windows binary) to execute malicious scripts and communicate with external command-and-control (C2) infrastructure. Blocking outbound connections from mshta.exe disrupts common attack chains, prevents payload download and data exfiltration, and reduces the risk of living-off-the-land attacks. This is relevant for emerging attack campaigns, for example, ClickFix campaigns, where attackers abuse legitimate tools like mshta.exe to execute malicious content delivered through user interaction.