Security News > 2021 > June > Windows 10's package manager flooded with duplicate, malformed apps
Last week, Microsoft released the first stable version of its Windows 10 package manager, Winget, which enables users to manage apps via command-line.
Much like package managers available on other platforms, Winget lets Windows users automate app management when it comes to installing, configuring, upgrading, and uninstalling applications.
Over the weekend, multiple users flooded Winget's software registry with pull requests for apps that are either duplicate or malformed, thereby raising concerns about the integrity of the Winget ecosystem.
Winget's repo flooded with duplicate apps, malformed manifests.
Microsoft's guidelines state that independent software vendors looking to upload their application to the Winget registry, can do so by submitting the application's manifest on their GitHub.
Over this Memorial Day weekend, multiple pull requests emerged on Winget's GitHub containing names of apps that had already existed in the package manager's registry.
News URL
Related news
- Windows 10 KB5055518 update fixes random text when printing (source)
- Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug (source)
- Windows 10 KB5055612 preview update fixes a GPU bug in WSL2 (source)
- Microsoft silently fixes Start menu bug affecting Windows 10 PCs (source)
- M365 apps on Windows 10 to get security fixes into 2028 (source)
- Microsoft will update Office apps on Windows 10 until 2028 (source)
- Windows 10 KB5058379 update fixes SgrmBroker errors in Event Viewer (source)
- Windows 10 KB5058379 update triggers BitLocker recovery on some devices (source)
- Microsoft confirms May Windows 10 updates trigger BitLocker recovery (source)
- Windows 10 emergency updates fix BitLocker recovery issues (source)