"Microsoft Shuts Down MSIX Protocol to Block Malware Exploits"

TL;DR Summary
Microsoft has disabled the ms-appinstaller protocol handler by default after hackers exploited it to deploy malware, including ransomware. The company observed four threat actors, including Storm-0569 and FIN7, using the handler to bypass security mechanisms and distribute malware through fake ads and phishing via Microsoft Teams. The handler is now disabled in App Installer version 1.21.3421.0 or higher to prevent further abuse. This follows previous incidents in which MSIX files were used for malware distribution, highlighting ongoing cybersecurity challenges.
- Microsoft disables one of its own software tools following multiple malware attacks (TechRadar)
- Microsoft disables MSIX protocol handler abused in malware attacks (BleepingComputer)
- Microsoft disables app installation protocol abused by hackers (The Record from Recorded Future News)
- Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks (The Hacker News)
- Microsoft disables MSIX protocol handler in Windows to thwart malware attacks (XDA Developers)