Microsoft’s “Open App Store Principles”
Microsoft has laid out a set of “Open App Store Principles” that will apply to the store it runs for Windows-powered computers and future marketplaces.
Phishing Campaign Targets Windows Search Protocol
A new phishing campaign exploits a vulnerability in the Windows Search protocol. These emails use HTML attachments to download malicious files from remote servers, potentially putting your personal information, files, and even your entire computer at risk.
Expert Advice on Mitigating the Risk
Jason Kent, Hacker in Residence at Cequence, explains the importance of proactive vulnerability management and how to prevent such attacks. Kent emphasizes the difficulty in detecting vulnerabilities like this until it’s too late.
He suggests understanding which services are reaching out to the Internet and what resources they require to prevent such threats. Kent recommends disabling search functionality within each host by removing specific registry keys.
Kent also advises caution when implementing these changes, as they may have unintended consequences. He suggests analyzing all email attachments, not just text files, to prevent similar attacks in the future.
