Security News > 2024 > June > Phishing emails abuse Windows search protocol to push malicious scripts

Phishing emails abuse Windows search protocol to push malicious scripts
2024-06-12 22:30

A new phishing campaign uses HTML attachments that abuse the Windows search protocol to push batch files hosted on remote servers that deliver malware.

The Windows Search protocol is a Uniform Resource Identifier that enables applications to open Windows Explorer to perform searches using specific parameters.

While most Windows searches will look at the local device's index, it is also possible to force Windows Search to query file shares on remote hosts and use a custom title for the search window.

Microsoft deprecates Windows DirectAccess, recommends Always On VPN. Microsoft fixes VPN failures caused by April Windows updates.

Microsoft announces first Windows 10 Beta build since 2021.

Windows 11 KB5039212 update released with 37 changes, fixes.


News URL

https://www.bleepingcomputer.com/news/security/phishing-emails-abuse-windows-search-protocol-to-push-malicious-scripts/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Protocol 12 0 1 15 1 17