cognitive cybersecurity intelligence

News and Analysis


Microsoft Disables MSIX App Installer Protocol Widely used in Malware Attacks

Microsoft has again disabled the ms-appinstaller protocol handler by default due to its abuse by cybercriminals to spread malware. Financially motivated hacking groups and cybercriminals have used it as an entry point for ransomware activity since mid-November 2023. The changes are applicable to App Installer version 1.21.3421.0 or higher. The attacks often involve distributing malicious MSIX app packages via Microsoft Teams or through misleading adverts for legitimate software on search engines.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts