Change logs for security intelligence update version

This page lists newly added and updated threat detections included in security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know through the feedback smiley.

Added threat detections

Name Severity
Backdoor:MSIL/AgentTesla severe
Backdoor:PHP/Remoteshell.B severe
Ransom:Win32/Sodinokibi.AB severe
Trojan:JS/Denali.A!ml severe
Trojan:VBS/Irsaz.A severe
Trojan:Win32/AutoitInject severe
Trojan:Win32/Trickbot.F!MTB severe
TrojanDownloader:JS/Ostap.SA severe
TrojanDownloader:O97M/Obfuse.IU!MTB severe
TrojanDownloader:Script/WebRunner.A!lnk severe
TrojanDropper:Win32/Rotbrow severe
TrojanDropper:Win32/Vbsrun severe
Behavior:Win32/Pstager.A severe
Trojan:Win32/Cryptinject.EG severe
Trojan:Win32/Bufferball.B!dha severe
Trojan:Win32/Bufferball.B!dha severe
Trojan:Win32/CryptMari.SA!MTB severe
Trojan:Win32/Pownitel!lnk severe
Ransom:Win32/Nemty.D severe
Ransom:Win32/Ordinypt severe
Trojan:MSIL/Launcher severe
Trojan:PowerShell/CoinMiner.B severe
Trojan:Win32/DownloaderAgent.PA!MTB severe
TrojanSpy:Win32/Remoteal.KA severe
Worm:Win32/Autorun.DU!MTB severe
Worm:Win32/Autorun.DU!MTB severe
Backdoor:BAT/Dutnutot severe
Backdoor:BAT/Dutnutot severe
HackTool:PowerShell/TimeStomp.A high
HackTool:PowerShell/TimeStomp.B high
Exploit:O97M/CVE-2017-0199.AB!MTB severe
Trojan:JS/ObfusScript severe
Backdoor:JS/Chopper.A severe
Trojan:Win32/CryptInject.BG!MTB severe
Trojan:Win32/Ekstak.BS!MTB severe
Trojan:Win32/Qakbot.BS!MTB severe
Trojan:Win32/Trickbot.BA!MTB severe
HackTool:Win32/WirKey high
Trojan:Win32/Meteremel.A!ml severe
Trojan:Win32/Meteremel.B!ml severe
Trojan:Win32/Suloc.I!cl severe

Updated threat detections

Name Severity
Backdoor:MSIL/Bladabindi severe
Backdoor:Win32/Tofsee!rfn severe
Backdoor:Win32/Tofsee.T severe
Behavior:Win32/WscriptBITSAbuse.A severe
Behavior:Win32/WscriptBITSAbuse.B severe
BrowserModifier:Win32/Prifou high
Exploit:O97M/CVE-2017-11882 severe
Exploit:O97M/CVE-2017-11882!MTB severe
Exploit:SWF/CVE-2011-2110.C severe
FriendlyFiles low
PWS:HTML/Phish severe
PWS:Win32/AgentTesla severe
PWS:Win32/Frethog severe
Ransom:MSIL/Samas.D severe
Ransom:Win32/Phoenix severe
Spyware:Win32/CnsMin high
Trojan:JS/Flafisi severe
Trojan:O97M/Donoff severe
Trojan:Python/Ztopynk severe
Trojan:Win32/AutScpt severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/CryptInject severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet.BP severe
Trojan:Win32/Fareit severe
Trojan:Win32/Pynamer.A!ac severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Tiggre!plock severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win32/Ursnif severe
Trojan:Win32/Zlob severe
TrojanDownloader:JS/Nemucod severe
TrojanDownloader:O97M/Donoff severe
TrojanDownloader:O97M/Donoff!rfn severe
TrojanDownloader:O97M/Donoff.SA severe
TrojanDownloader:O97M/Obfuse.ED severe
TrojanDownloader:O97M/Obfuse.IQ!MTB severe
TrojanDownloader:Win32/CryptInject severe
TrojanDownloader:Win32/Delf high
TrojanSpy:Win32/Skeeyah.A!rfn severe
TrojanSpy:Win32/Ursnif severe
VirTool:Java/Donk!rfn severe
Trojan:Win32/CryptInject severe
Exploit:O97M/CVE-2017-11882.AT!eml severe
Exploit:O97M/CVE-2017-11882.AT!eml severe
Trojan:Win32/Bufferball.B!dha severe
Trojan:Win32/CryptInject severe
Exploit:O97M/CVE-2017-11882 severe
Exploit:O97M/CVE-2017-11882.AR!eml severe
HackTool:BAT/AutoKMS high
HackTool:Win32/Patcher high
Trojan:PDF/Phish severe
Trojan:Win32/Skeeyah.A!rfn severe
TrojanDownloader:O97M/Donoff severe
TrojanDownloader:O97M/Obfuse.KE!MTB severe
VirTool:MSIL/CryptInject.AB!MTB severe
Trojan:JS/Redirector!MTB severe
Trojan:Win32/Emotet severe
HackTool:MSIL/AutoKMS high
Trojan:PDF/Phish severe
Trojan:Win32/Banload severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/CoinMiner!rfn severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet!rfn severe
Trojan:Win32/Emotet.AC!bit severe
Trojan:Win32/Gandcrab.AF severe
Trojan:Win32/MereTam.A severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Tiggre!plock severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win64/Rootkitdrv severe
TrojanDownloader:JS/CryptInject severe
FriendlyFiles low
Trojan:Win32/CryptInject severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
Backdoor:MSIL/Nanocore severe
FriendlyFiles low
HackTool:Win64/Meterpreter high
Trojan:Win32/DownloaderAgent.PA!MTB severe
Trojan:Win32/DownloaderAgent.PA!MTB severe
Trojan:Win32/Emotet severe
Trojan:Win32/Emotet!MTB severe
Trojan:Win32/Ursnif!MTB severe
Trojan:Win64/Rootkitdrv severe
TrojanDownloader:JS/Nemucod severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
TrojanDownloader:O97M/Obfuse.KL!MTB severe
TrojanDownloader:O97M/Obfuse.KL!MTB severe
TrojanDownloader:PowerShell/Donvibs severe
Worm:Win32/Autorun.DU!MTB severe
Backdoor:Win32/Dutnutot severe
Backdoor:Win32/Zegost.CQ!bit severe
Trojan:Win32/Skeeyah.A!MTB severe
TrojanDownloader:O97M/Obfuse.KK!MTB severe
Trojan:Win32/Emotet!MTB severe
TrojanDownloader:O97M/Donoff!MTB severe
BrowserModifier:Win32/Foxiebro high
Behavior:Win32/PSKeyloggerScriptDrop.A severe