Topic: Microsoft disables MSIX protocol handler abused in Emotet attacks @ AskWoody

Microsoft disables MSIX protocol handler abused in Emotet attacks
Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Microsoft disables MSIX protocol handler abused in Emotet attacks
- This topic has 1 reply, 2 voices, and was last updated 3 years, 4 months ago.
Author

Topic
New Reply

oldguy
AskWoody Lounger

February 5, 2022 at 5:02 am #2423346

https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-emotet-attacks/

I guess does anything else legitimate use that in its update mechanism as now it won’t update – or at least

“The likely reason for disabling the protocol altogether is to protect all Windows customers, including those who haven’t yet installed the December security updates or applied the workarounds.”

Reply | Quote

Viewing 0 reply threads
Author

Replies
- Alex5723
  AskWoody Plus
  
  February 5, 2022 at 5:11 am #2423348
  
  While it looks like a legitimate Adobe app, App Installer will download and install a malicious appxbundle hosted on Microsoft Azure when the user clicks the Install button.
  
  This AppX Installer spoofing vulnerability was also exploited to distribute the BazarLoader malware via malicious packages hosted on Microsoft Azure, using *.web.core.windows.net URLs…
  
  Microsoft doesn’t scan/audit every file, app,.. uploaded to AZUR for scam, malware…?
  
  Reply | Quote
Viewing 0 reply threads

Reply To: Microsoft disables MSIX protocol handler abused in Emotet attacks
You can use BBCodes to format your content.
Your account can't use all available BBCodes, they will be stripped before saving.

Your information:
Name (required):

Mail (will not be published) (required):

Website:

Cancel

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.

Welcome to our unique respite from the madness.

It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

S	M	T	W	T	F	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

Microsoft disables MSIX protocol handler abused in Emotet attacks

Plus Membership

Search Newsletters

Search Forums

View the Forum

Search for Topics

Recent Topics

Recent blog posts

My Profile

Key Links

Remembering Woody

Microsoft disables MSIX protocol handler abused in Emotet attacks

Plus Membership

Search Newsletters

Search Forums

View the Forum

Search for Topics

Recent Topics

Recent blog posts

My Profile

Login and Registration

Key Links

Remembering Woody