Change logs for security intelligence update version

This page lists newly added and updated threat detections included in security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know through the feedback smiley.


Released on

Added threat detections


Name Severity
Behavior:Win32/DlpAuditOld severe
Behavior:Win32/DlpBlockOld severe
Behavior:Win32/DlpWarn severe
Exploit:O97M/CVE-2017-11882.AR severe
Ransom:Win32/Sherminator.YL severe
Trojan:JS/ObfDldr.C severe
Trojan:MSIL/CryptInject.OJ!MTB severe
Trojan:Win32/Emotet.SE severe
Trojan:Win32/Emotet.SF severe
Trojan:Win32/IceID.AD!MTB severe
Trojan:Win32/Totbrick.AD!MTB severe
TrojanDownloader:O97M/Obfuse.KP!MTB severe
VirTool:Win32/VBInject.YA!MTB severe
VirTool:Win32/VBInject.YA!MTB severe
Backdoor:MSIL/Bladabindi.PA!MTB severe
Backdoor:MSIL/Bladabindi.PA!MTB severe
Trojan:MSIL/Starter.PA!MTB severe
VirTool:MSIL/CryptInject.PC!MTB severe
VirTool:MSIL/CryptInject.PD!MTB severe
VirTool:Win32/Hercules.G!MTB severe
Behavior:Win32/Swapex.I severe
Behavior:Win32/Swapex.J severe
Behavior:Win32/UACBypassExp.F!sdclt2 severe
Behavior:Win32/UACBypassExp.F!sdclt3 severe
Behavior:Win32/UACBypassExp.F!src severe
Exploit:O97M/CVE-2017-11882.AU!eml severe
Trojan:Win32/Azorult.SF!MTB severe
Trojan:Win32/Netwire.FW!MTB severe
Trojan:Win32/StealthFalcon.E!dha severe
TrojanDownloader:O97M/Obfuse.KM!MTB severe
TrojanDownloader:O97M/Obfuse.KN!MTB severe
TrojanDownloader:VBS/Agent.GC!MTB severe
TrojanDownloader:VBS/Agent.GD!MTB severe
TrojanDownloader:Win32/Agent.G!MTB severe
TrojanDropper:Win32/Dapato.AA severe
Behavior:Win32/Pstager.A severe
Trojan:Win32/Cryptinject.EG severe
Trojan:Win32/Bufferball.B!dha severe
Trojan:Win32/Bufferball.B!dha severe
Trojan:Win32/CryptMari.SA!MTB severe
Trojan:Win32/Pownitel!lnk severe
Ransom:Win32/Nemty.D severe
Ransom:Win32/Ordinypt severe
Trojan:MSIL/Launcher severe
Trojan:PowerShell/CoinMiner.B severe
Trojan:Win32/DownloaderAgent.PA!MTB severe
TrojanSpy:Win32/Remoteal.KA severe
Worm:Win32/Autorun.DU!MTB severe
Worm:Win32/Autorun.DU!MTB severe
Backdoor:BAT/Dutnutot severe
Backdoor:BAT/Dutnutot severe
HackTool:PowerShell/TimeStomp.A high
HackTool:PowerShell/TimeStomp.B high
Exploit:O97M/CVE-2017-0199.AB!MTB severe
Trojan:JS/ObfusScript severe
Backdoor:JS/Chopper.A severe
Trojan:Win32/CryptInject.BG!MTB severe
Trojan:Win32/Ekstak.BS!MTB severe
Trojan:Win32/Qakbot.BS!MTB severe
Trojan:Win32/Trickbot.BA!MTB severe
HackTool:Win32/WirKey high
Trojan:Win32/Meteremel.A!ml severe
Trojan:Win32/Meteremel.B!ml severe
Trojan:Win32/Suloc.I!cl severe

Updated threat detections


Name Severity
Adware:Win32/OpenSUpdater high
Backdoor:ASP/Aspy severe
Backdoor:ASP/Webshell severe
Backdoor:PHP/WebShell severe
Behavior:Win32/DlpAudit severe
Behavior:Win32/DlpBlock severe
BrowserModifier:Win32/Prifou high
Exploit:O97M/CVE-2017-11882 severe
FriendlyFiles low
HackTool:Win32/Keygen high
HackTool:Win64/AutoKMS high
PWS:Win32/Azorult severe
Ransom:Win32/Locky severe
Trojan:HTML/Fkelrt severe
Trojan:HTML/Phish severe
Trojan:Java/Adwind severe
Trojan:JS/Cryxos severe
Trojan:JS/Redirector!MTB severe
Trojan:O97M/Phish severe
Trojan:PowerShell/Pklotide.A severe
Trojan:VBS/Encascurl severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Bluteal.B!rfn severe
Trojan:Win32/CryptInject severe
Trojan:Win32/Dorv.A!rfn severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet.PD!MTB severe
Trojan:Win32/Emotet.SD severe
Trojan:Win32/Emotet.SD severe
Trojan:Win32/Emotet.SE severe
Trojan:Win32/Emotet.SE severe
Trojan:Win32/Emotet.SF severe
Trojan:Win32/Emotet.SF severe
Trojan:Win32/Metasploit.X severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Skeeyah.A!MTB severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Starter!lnk severe
Trojan:Win32/Suloc.A severe
Trojan:Win32/Tiggre!plock severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win32/VB severe
Trojan:Win32/Zonidel.A severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
TrojanDownloader:PowerShell/Dosyi severe
VirTool:Win32/VBInject.YA!MTB severe
VirTool:Win32/VBInject.YA!MTB severe
Backdoor:MSIL/Bladabindi.PA!MTB severe
Trojan:MSIL/Starter.PA!MTB severe
Trojan:MSIL/Starter.PA!MTB severe
TrojanDownloader:O97M/Obfuse.KO!MTB severe
TrojanDownloader:O97M/Obfuse.KO!MTB severe
VirTool:MSIL/CryptInject.PC!MTB severe
VirTool:MSIL/CryptInject.PC!MTB severe
VirTool:MSIL/CryptInject.PD!MTB severe
VirTool:MSIL/CryptInject.PD!MTB severe
BrowserModifier:Win32/Foxiebro high
Trojan:Win32/Netwire.FW!MTB severe
Trojan:Win32/Netwire.FW!MTB severe
TrojanDownloader:VBS/Agent.GC!MTB severe
TrojanDownloader:VBS/Agent.GC!MTB severe
TrojanDownloader:VBS/Agent.GD!MTB severe
TrojanDownloader:VBS/Agent.GD!MTB severe
Behavior:Win32/Runmesta.A severe
Behavior:Win32/ServiceCreationScriptDrop.A severe
Behavior:Win32/TamperPSConstrainedLangMode.A severe
Behavior:Win32/TamperPSConstrainedLangModeNonFriendly.A severe
Exploit:Win32/CVE-2018-16858 severe
Trojan:Win32/CryptInject severe
Trojan:Win32/Skeeyah.A!MTB severe
Trojan:Win32/Trickbot severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
Trojan:Win32/CryptInject severe
Exploit:O97M/CVE-2017-11882.AT!eml severe
Exploit:O97M/CVE-2017-11882.AT!eml severe
Trojan:Win32/Bufferball.B!dha severe
Trojan:Win32/CryptInject severe
Exploit:O97M/CVE-2017-11882 severe
Exploit:O97M/CVE-2017-11882.AR!eml severe
HackTool:BAT/AutoKMS high
HackTool:Win32/Patcher high
Trojan:PDF/Phish severe
Trojan:Win32/Skeeyah.A!rfn severe
TrojanDownloader:O97M/Donoff severe
TrojanDownloader:O97M/Obfuse.KE!MTB severe
VirTool:MSIL/CryptInject.AB!MTB severe
Trojan:JS/Redirector!MTB severe
Trojan:Win32/Emotet severe
HackTool:MSIL/AutoKMS high
Trojan:PDF/Phish severe
Trojan:Win32/Banload severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/CoinMiner!rfn severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet!rfn severe
Trojan:Win32/Emotet.AC!bit severe
Trojan:Win32/Gandcrab.AF severe
Trojan:Win32/MereTam.A severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Tiggre!plock severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win64/Rootkitdrv severe
TrojanDownloader:JS/CryptInject severe
FriendlyFiles low
Trojan:Win32/CryptInject severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
Backdoor:MSIL/Nanocore severe
FriendlyFiles low
HackTool:Win64/Meterpreter high
Trojan:Win32/DownloaderAgent.PA!MTB severe
Trojan:Win32/DownloaderAgent.PA!MTB severe
Trojan:Win32/Emotet severe
Trojan:Win32/Emotet!MTB severe
Trojan:Win32/Ursnif!MTB severe
Trojan:Win64/Rootkitdrv severe
TrojanDownloader:JS/Nemucod severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
TrojanDownloader:O97M/Obfuse.KL!MTB severe
TrojanDownloader:O97M/Obfuse.KL!MTB severe
TrojanDownloader:PowerShell/Donvibs severe
Worm:Win32/Autorun.DU!MTB severe
Backdoor:Win32/Dutnutot severe
Backdoor:Win32/Zegost.CQ!bit severe
Trojan:Win32/Skeeyah.A!MTB severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
Trojan:Win32/Emotet!MTB severe
TrojanDownloader:O97M/Donoff!MTB severe
BrowserModifier:Win32/Foxiebro high
Behavior:Win32/PSKeyloggerScriptDrop.A severe