Microsoft disables vulnerable Windows component following malware campaigns

Microsoft has deactivated a Windows feature, the ms-appinstaller protocol handler, following its misuse by hackers to spread malware. The protocol handler, a part of the App Installer, allows users to install programs saved in the MSIX file format. The cyberattacks, which began mid-November, were traced back to four cybercrime groups that spread malware through various methods, including search engine ads, malicious websites, and Microsoft Teams messages.