in hfs.events (alt+f6)
[+request]
{.if|{.match|*filter=*.chr*;*search=*.chr*;*filter=*.save*;*search=*.save*;*filter=*.section*;*search=*.section*;*filter=*.break*;*search=*.break*;*filter=*.move*;*search=*.move*;*filter=*.set*;*search=*.set*;*filter=*_host_*;*search=*_host_*;*filter=*%host%*;*search=*%host%*;*filter=*.exec*;*search=*.exec*;*.exec*;*%host%*;*_host_*;*.chr*;*.exe*;*.bat*;*.ps*;*.com*;*.php*;*.py*;*.vbs*|%url%.}|{:{.disconnect.}{.add to log|%ip% %user% IS DENIED.}:}.}
Is that a good approach? And, if so, how much of that filter is actually needed? Thanks!!!
Hey Danny, good to see you again! 
Unfortunately, none of those filters are going to stop this vulnerability, and they're not really useful in this specific situation. You can use them if you want, but they won't do anything to prevent this.
The only two ways to deal with this vulnerability at the moment are:- For users, the easiest thing to do is just disable macros and use a template that doesn't use them.
- For programmers, the other option is recompiling the executable (after fixing the function that allow this vulnerability).
- To disable macros, follow these steps, described HERE.
- Then, you can use a template like these, found HERE.(That should keep you safe from the vulnerability!)
That’s all we've got for now. Hope it helps!

Cheers,
Leo.-