Learn Editor: Update attack-surface-reduction-rules-reference.md

Author: ericlaw1979

defender-endpoint/attack-surface-reduction-rules-reference.md

@@ -7,7 +7,7 @@ ms.localizationpriority: medium
 audience: ITPro
 author: paulinbar
 ms.author: painbar
-ms.reviewer: sugamar, yongrhee
+ms.reviewer: sugamar, ericlaw
 manager: bagol
 ms.custom: asr
 ms.topic: reference
@@ -462,7 +462,7 @@ Dependencies: Microsoft Defender Antivirus, AMSI
 
 ### Block Office applications from creating executable content
 
-This rule prevents Office apps, including Word, Excel, and PowerPoint, from creating potentially malicious executable content, by blocking malicious code from being written to disk. Malware that abuses Office as a vector might attempt to break out of Office and save malicious components to disk. These malicious components would survive a computer reboot and persist on the system. Therefore, this rule defends against a common persistence technique. This rule also blocks execution of untrusted files that might have been saved by Office macros that are allowed to run in Office files.
+This rule prevents Office apps, including Word, Excel, and PowerPoint, from being used as a vector to persist malicious code on disk. Malware that abuses Office as a vector might attempt to save malicious components to disk that would survive a computer reboot and persist on the system. This rule defends against this persistence technique by blocking access (open/execute) to the code written to disk. This rule also blocks execution of untrusted files that might have been saved by Office macros that are allowed to run in Office files.
 
 Intune name: `Office apps/macros creating executable content`