Microsoft disables app installation protocol abused by hackers

Microsoft disabled a feature designed to expedite Windows apps installation after detecting its exploitation by hackers for malware distribution. The ms-appinstaller protocol not only permitted easy app installation but also enabled malware loading, bypassing safety mechanisms. Consequently, users must now first download the software package before running App Installer. The malicious activity was linked to hacking groups Storm-0569, Storm-1113, Storm-1674, and Sangria Tempest, who exploited the feature to install viruses and ransomware.