Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse


MSIX App Installers

Microsoft last week announced that it’s temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader.

MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation technologies, is a universal Windows app package format that allows developers to distribute their applications for the desktop operating system and other platforms. ms-appinstaller, specifically, is designed to help users install a Windows app by simply clicking a link on a website.

Read more…