Microsoft last week announced that it truly is temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer ingredient was exploited by menace actors to provide malware these kinds of as Emotet, TrickBot, and Bazaloader.
MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation systems, is a universal Windows application bundle format that enables builders to distribute their applications for the desktop working program and other platforms. ms-appinstaller, particularly, is built to assistance consumers put in a Windows application by just clicking a url on a site.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
But a spoofing vulnerability uncovered in Windows Application Installer (CVE-2021-43890, CVSS rating: 7.1) intended that it could be tricked into setting up a rogue app that was in no way supposed to be set up by the user by way of a malicious attachment made use of in phishing strategies.
Although Microsoft released initial patches to tackle this flaw as element of its December 2021 Patch Tuesday updates, the company has now disabled the ms-appinstaller plan while it functions to plug the security gap and protect against more exploitation fully.
“This implies that Application Installer will not be ready to set up an application directly from a web server,” Dian Hartono explained. “In its place, users will need to initial obtain the application to their machine, and then install the package with App Installer. This may possibly improve the down load sizing for some deals.”
With Microsoft yanking assist for the protocol, the corporation is also recommending builders that they update the application obtain links on their internet websites by eradicating “ms-appinstaller:?supply=” schemes so that the MSIX deal or.appinstaller file can be downloaded.
Discovered this write-up appealing? Abide by THN on Fb, Twitter and LinkedIn to browse additional distinctive articles we post.
Some components of this article are sourced from:
thehackernews.com