diff --git a/rules/windows/process_creation/win_office_spawn_exe_from_users_directory.yml b/rules/windows/process_creation/win_office_spawn_exe_from_users_directory.yml
index 143807e30..7232e3e59 100644
--- a/rules/windows/process_creation/win_office_spawn_exe_from_users_directory.yml
+++ b/rules/windows/process_creation/win_office_spawn_exe_from_users_directory.yml
@@ -1,6 +1,6 @@
-title: Microsoft Office Product Spawning exe in users directory 
+title: MS Office Product Spawning Exe in User Dir 
 status: experimental
-description: Detects an executable in the users directory started from Microsoft Word, Excel, Powerpoint, Publisher and Visio.
+description: Detects an executable in the users directory started from Microsoft Word, Excel, Powerpoint, Publisher or Visio
 references:
     - sha256: 23160972c6ae07f740800fa28e421a81d7c0ca5d5cab95bc082b4a986fbac57c
     - https://blog.morphisec.com/fin7-not-finished-morphisec-spots-new-campaign 
@@ -10,7 +10,6 @@ tags:
     - attack.t1059
     - attack.t1202
     - FIN7
-
 author: Jason Lynch 
 date: 2019/04/02
 logsource: