Microsoft Threat Intelligence has detected cyber threats distributing malware through the ms-appinstaller URI scheme (App Installer) since mid-November 2023. These threat actors, including Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, used the scheme to bypass malware protection measures due to its current implementation issues. In response, Microsoft has disabled the ms-appinstaller protocol handler by default.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some