Microsoft patches spoofing vulnerability that was exploited to spread malware

Bad actors were previously able to take advantage of a vulnerability in AppX installer that allowed them to spread malware. (Image: RoonZ.nl via Unsplash)

Microsoft patched a zero-day vulnerability that affected the AppX installer in Windows. The vulnerability allowed hackers to create packages to infect systems with malware. The patch was included in the December Patch Tuesday update.

Aleem Ali, Published 12/16/2021 🇮🇹 🇪🇸 ...

Microsoft released a major patch that fixes a spoofing vulnerability in AppX installer (CVE-2021-43890), which was utilized by hackers to infect computers with malware including Emotet, Trickbot and Bazaloader. The Windows AppX Installer previously contained a zero-day vulnerability, which enabled bad actors to build malicious packages and the file was then altered to appear as a legitimate application.

Hackers could spread the malware file via attachments in phishing emails, which could trick unsuspecting users to download the attachment. Users are affected more severely by the attack if their user account has administrative privileges than other users with computers operating with fewer user rights.

Microsoft stated that while the patch resolved the vulnerability that allowed the malicious packages to look valid, users should still be wary of downloading unscrupulous attachments in emails.

The patch was released as part of Microsoft’s December Patch Tuesday update, which also comprised of 67 security fixes across many different Microsoft software. Among these fixes, seven were indicated as critical and six were designated as zero-day vulnerability fixes.

Buy Microsoft Office Home & Business 2021 on Amazon

Source(s)

Microsoft, Threatpost

AMD Ryzen 7000 series architecture (Source: AMD)

AMD Ryzen 7000 CPUs are faster in Linux with Spectre V2 mitigations enabled 10/05/2022

HP Support Assistant is vulnerable to DLL hijacking

New security flaw discovered in HP Support Assistant 09/08/2022

More than 1 million Lenovo laptops are affected by the UEFI BIOS vulnerabilities. (Image Source: Gettotext)

100+ Lenovo laptop models affected by UEFI BIOS vulnerabilities 04/20/2022

Spectre-v2 mitigation is taking its toll on the performance of Intel and AMD CPUs.

Spectre-v2 mitigation wreaks havoc on the performance of some Intel CPUs as AMD chips come out largely unscathed 03/15/2022

A new malware has been discovered by cybersecurity firm ThreayFabric on the Play Store. (Image: RoonZ.nl via Unsplash)

A new money-stealing malware makes rounds on Google Play Store posing as an innocent app with over 50,000 downloads 02/24/2022

Scams and crypto-malware are more rampant than ever. (Image Source: Comodo cWatch)

New Mars Stealer malware targets Chrome-based browser crypto wallets 02/04/2022

A team of researchers has developed a malware detection system for Raspberry Pi. (Image source: Jainath Ponnala via Unsplash)

Researchers build novel malware detection system for Raspberry Pi 01/13/2022

F-Secure found that Ellume at-home COVID-19 tests were hackable via Bluetooth, allowing you to falsify your test result. (Image source: Roman Wimmers on Unsplash)

Researcher reveals that some at-home COVID-19 tests could be hacked using Bluetooth 12/22/2021

The MSI Z690 GODLIKE will feature a removable touchscreen panel that showcases vital system stats (Image source: MSI)

MSI outs a new Z690 GODLIKE motherboard teaser, highlighting the LGA 1700 board's truly massive 3.5-in removable touchscreen panel 12/12/2021

Scammers use the panic about the Omicron variant of COVID-19 to spread phishing emails. (Image: Lifewire)

Scammers send phishing emails based on the Omicron variant of COVID-19 12/06/2021

Joker malware discovered in multiple apps with thousands of installs on the Google Play Store 11/23/2021

Cloudflare successfully detected and deterred a 2 Tbps multi-vector DDoS attack. (Image: Cloudflare)

Cloudflare fends off a multi-vector DDoS attack 11/17/2021

Intel 8th generation processor wafer (Source: Intel)

Two high-rated security issues have been confirmed by Intel for a few processor series 11/15/2021

Ransomware group REvil taken down by the FBI

Ransomware group involved in the Colonial Pipeline attack hacked by the FBI 10/26/2021

Hackers attempt to exploit popular YouTube creators by utilising phishing emails. (Image: NordWood Themes)

Hackers attempt to hijack the accounts of YouTube creators via phishing attacks 10/25/2021

Loading Comments

Comment on this article

Anonymous financial market sources ...

Zero stars: One of Europe's best-se...

Aleem Ali - Tech Writer - 72 articles published on Notebookcheck since 2021

I became fascinated with computers from the age of 5 years old, starting with Windows 95. Since then, I have developed a passion for human interactions. After completion of my undergraduate degrees, my interest in technology grew and propelled me to push into new areas. Now, I seek to expand my knowledge of technology, people, and business; and I write articles about new and exciting technology and experiences. I also enjoy gaming and design.

contact me via: LinkedIn

Please share our article, every link counts!

.170

> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 12 > Microsoft patches spoofing vulnerability that was exploited to spread malware

Aleem Ali, 2021-12-16 (Update: 2021-12-16)

Microsoft patches spoofing vulnerability that was exploited to spread malware

Source(s)

Related Articles