#AppInstallerVulnerability

Microsoft kills off Windows app installation from the web, again

by

January 3, 2024 at 07:07PM Microsoft disabled the ms-appinstaller URI scheme due to its misuse by threat actors to install malware. The scheme was re-enabled on August 5, 2022, for some enterprise customers. However, its abuse allowed bypassing of Microsoft’s security checks. Microsoft is revoking abused code signing certificates and advising updates and policy changes … Read more

Microsoft disables MSIX protocol handler abused in malware attacks

by

December 28, 2023 at 02:05PM Microsoft disabled the MSIX ms-appinstaller protocol handler due to multiple financially motivated threat groups exploiting it to infect Windows users with malware. The attackers used the CVE-2021-43890 vulnerability to bypass security measures and distribute malware. Microsoft recommends installing the patched App Installer version 1.21.3421.0 or later and advised disabling the … Read more