Microsoft has again disabled the ms-appinstaller protocol handler by default due to its abuse by cybercriminals to spread malware. Financially motivated hacking groups and cybercriminals have used it as an entry point for ransomware activity since mid-November 2023. The changes are applicable to App Installer version 1.21.3421.0 or higher. The attacks often involve distributing malicious MSIX app packages via Microsoft Teams or through misleading adverts for legitimate software on search engines.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some