I read a posting in the FAQ about hooks and I must admit I didn't understand what it's all about. I'm not all that proficient in IT matters! What's important to me as a user of ReHIPS is what should I do as a default about the setting regarding hooks in the Desktop Access Rights Privileges tab? Ignore it or deal with it one way or another depending on specific circumstances?
Desktop hooks for programs such as MS Office are not a problem as regards actual malware in the wild. It is more of a theoretical problem.
If you want total security, use the separate desktop, although it is admittedly inconvenient for multi-tasking.
Just my personal opinion.
Do you refer to this FAQ blogpost https://forum.rehips.com/index.php?topic=9483.0 ?
Options from the most secure to least:
1. Use separate desktop.
2. Use main desktop and disable HOOK_CONTROL.
3. Use main desktop with enabled HOOK_CONTROL and use Isolated Hooks or Low Integrity Level.
By default ReHIPS operates in the most secure way offering separate desktop.
And don't worry anyway, even while main desktop with enabled HOOK_CONTROL and no other mitigations leave you theretically open to some threats, it's more of a paranoid possibility as I haven't seen it practically yet. I just think that we have to outline any threat, even theoretical and nearly-impossible ones.
Many thanks for the reply. I understand it better now.