Microsoft antimalware support for Windows XP

Microsoft has announced the Windows XP end of support date of April 8, 2014. After this date, Windows XP will no longer be a supported operating system*. To help organizations complete their migrations, Microsoft will continue to provide updates to our antimalware signatures and engine for Windows XP users through July 14, 2015. This does…

146

WannaCrypt ransomware worm targets out-of-date systems

On May 12, 2017 we detected a new ransomware that spreads like a worm by leveraging vulnerabilities that have been previously fixed. While security updates are automatically applied in most computers, some users and enterprises may delay deployment of patches. Unfortunately, the ransomware, known as WannaCrypt, appears to have affected computers that have not applied…

109

Limited Periodic Scanning in Windows 10 to Provide Additional Malware Protection

Every month, Microsoft’s Malicious Software Removal Tool (MSRT) scans more than 500 million Windows devices for malware and malicious software. This tool aids in the detection and removal of malware from 1 to 2 million machines each time, even on those devices running antivirus software. Meanwhile, many Windows customers continue to use the Microsoft Safety…

84

Crowti update – CryptoWall 3.0

After almost two months of hiatus over the holidays, a new campaign of Crowti tagged as ‘CryptoWall 3.0’ has been observed. It uses a similar distribution channel as before, having been downloaded by other malware and serving as a payload through exploits. The graph below shows the spike after two days of no activity from…

76

Tech support scams persist with increasingly crafty techniques

Millions of users continue to encounter technical support scams. Data from Windows Defender SmartScreen (which is used by both Microsoft Edge and Internet Explorer to block malicious sites) and Windows Defender Antivirus show that some three million users are subjected to these threats every month. In addition to being rampant, technical support scams continue to…

55

New feature in Office 2016 can block macros and help prevent infection

Macro-based malware is on the rise and we understand it is a frustrating experience for everyone. To help counter this threat, we are releasing a new feature in Office 2016 that blocks macros from loading in certain high-risk scenarios.   Macro-based malware infection is still increasing Macro-based malware continues its rise. We featured macro-based malware…

53

Adware: A new approach

​Here at the Microsoft Malware Protection Center (MMPC) we understand advertising is part of the modern computing experience. However, we want to give our customers choice and control regarding what happens with their computers. To that end we have recently undergone some changes to both the criteria we use to classify a program as adware…

45

Breaking down a notably sophisticated tech support scam M.O.

The cornerstone of tech support scams is the deception that there is something wrong with your PC.  To advance this sham, tech support scams have long abused browsers’ full screen function. Coupled with dialogue loops, the pop-up messages that just won’t go away, and the spoofing of brands like Microsoft, tech support scam websites can…

38

Windows 10 to offer application developers new malware defenses

Application developers can now actively participate in malware defense – in a new way to help protect customers from dynamic script-based malware and non-traditional avenues of cyberattack. Microsoft is making that possible through the Antimalware Scan Interface (AMSI) – a generic interface standard that allows applications and services to integrate with any antimalware product present on a…

29