The vulnerability of the Microsoft App Installer installer, related to the lack of mechanisms for encoding or shielding output data, allows attackers to perform spoofing attacks.

The vulnerability of the Microsoft App Installer relates to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows attackers to carry out spear-phishing attacks using a specially created malware package...

A week in security (January 1 – January 7)

Last week on Malwarebytes Labs: Police investigate sexual assault on an avatar How AI hallucinations are making bug hunting harder Explained: SMTP smuggling Facebook introduces another way to track you – Link History 23andMe blames "negligent" breach victims, says it’s their own fault Microsoft...

The vulnerability of the Microsoft App Installer, related to bypassing authentication through spoofing, allows attackers to carry out spoofing attacks.

The vulnerability of the Microsoft App Installer relates to the bypassing of authentication processes through spoofing. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created malware package...

Microsoft App Installer Security Updates (December 2021)

The app installer installation on the remote host is missing a security update. It is, therefore, affected by a session spoofing vulnerability. An attacker can exploit this if the user opens a specially crafted attachment. This will allow the attacker to perform actions with the privileges of the...