General topics

Microsoft has disabled support for the ms-appinstaller protocol

Microsoft has disabled support for the ms-appinstaller protocol

The ability to install software directly from websites is temporarily blocked due to discovered vulnerabilities that allow remote installation of malware.

Microsoft has disabled support for the MSIX ms-appinstaller protocol, which means that MSIX files hosted on websites cannot be used for live application installation. A frequently used Windows feature allowed users to install the application without having to download the entire MSIX package.

In other words, App Installer cannot install software or its updates directly from the web server, users must first download the app to the device and then run the installer. This increases the size of some downloaded packages.

Check also:

The Blockade feature is the result of the discovery of vulnerabilities that allow programs to be installed remotely without user consent, allowing cybercriminals to use them to install malware. Such cases have already occurred. For example, according to Microsoft, the app installer has been used to inject malicious code such as Emotet, Trickbot, and Bazaloader without the users’ knowledge or consent.

Currently, Microsoft is actively working on a solution to this problem, and after providing and testing the appropriate fixes, the protocol will be re-enabled, says Diane Hartono, Program Manager at Microsoft. “We understand that this feature is important for many businesses and businesses. Therefore, we must conduct extensive testing to ensure that the protocol can be safely re-enabled. We are also considering introducing a group policy that would allow IT administrators to re-enable the protocol and control its use in businesses.”

For more details about this vulnerability, see Microsoft’s published document CVE-2021-43890.

Related Articles

Back to top button