Microsoft last week announced that it truly is temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer ingredient was exploited by menace actors to provide malware these kinds of as Emotet, TrickBot, and Bazaloader.
MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation systems, is a universal Windows application bundle format that enables builders to distribute their applications for the desktop working program and other platforms. ms-appinstaller, particularly, is built to assistance consumers put in a Windows application by just clicking a url on a site.

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
But a spoofing vulnerability uncovered in Windows Application Installer (CVE-2021-43890, CVSS rating: 7.1) intended that it could be tricked into setting up a rogue app that was in no way supposed to be set up by the user by way of a malicious attachment made use of in phishing strategies.
Although Microsoft released initial patches to tackle this flaw as element of its December 2021 Patch Tuesday updates, the company has now disabled the ms-appinstaller plan while it functions to plug the security gap and protect against more exploitation fully.
“This implies that Application Installer will not be ready to set up an application directly from a web server,” Dian Hartono explained. “In its place, users will need to initial obtain the application to their machine, and then install the package with App Installer. This may possibly improve the down load sizing for some deals.”
With Microsoft yanking assist for the protocol, the corporation is also recommending builders that they update the application obtain links on their internet websites by eradicating “ms-appinstaller:?supply=” schemes so that the MSIX deal or.appinstaller file can be downloaded.
Discovered this write-up appealing? Abide by THN on Fb, Twitter and LinkedIn to browse additional distinctive articles we post.
Some components of this article are sourced from:
thehackernews.com