Change logs for security intelligence update version

This page lists newly added and updated threat detections included in security intelligence updates for Windows Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know through the feedback smiley.

Added threat detections

Name Severity
Behavior:Win32/InstallCore.R!trigger severe
HackTool:MacOS/KeychainDump.A!MTB high
PUA:MacOS/Bundlore.CN!MTB severe
PUA:MacOS/Bundlore.CN!MTB severe
PUA:MacOS/MacKeeper.V!MTB severe
PUA:Win32/InstallCore.R severe
Trojan:Win32/Emotet.DBO!MTB severe
PUA:MacOS/Synataeb.A!MTB severe
Trojan:Win32/KillAproc!MSR severe
Trojan:Win32/TrickBot.HB!MTB severe
Trojan:Win64/KillAproc severe
Trojan:Win64/PsBanker severe
Trojan:Win32/Fakeapp!MSR severe
Adware:MSIL/BrwSafGrd!MSR high
Ransom:Win32/Gansom!MSR severe
Trojan:MSIL/Ubt!MSR severe
Trojan:Win32/Dapato.PVD!MTB severe
Trojan:Win32/FormBook.BS!MTB severe
Trojan:Win32/PonyStealer!MTB severe
TrojanDownloader:O97M/Ursnif.BE!ctv severe
TrojanDownloader:VBS/Hiloiu!rfn severe
TrojanDownloader:MSIL/Pabin.GG!MTB severe
TrojanDownloader:Win32/Obfuse.AR severe
Exploit:O97M/CVE-2010-3333!MSR severe
Exploit:O97M/CVE-2010-3333!MSR severe
Worm:Win32/Ainslot!MSR severe
Trojan:Win32/Bandit.GB!MTB severe
Trojan:Win32/GandCrypt.GJ!rfn severe
TrojanDropper:O97M/GraceWire.AP!MTB severe
Trojan:MSIL/FormBook.I!MTB severe
Trojan:Win32/FormBook.H!MTB severe
Trojan:Win32/FormBook.J!MTB severe
Trojan:Win32/FormBook.K!MTB severe
Trojan:Win32/FormBook.O!MTB severe
Virus:DOS/Cryptlab_2868.C!rfn severe
Virus:DOS/Cryptlab_2868.C!rfn severe
PUA:MacOS/Bundlore.CL!MTB severe
PUA:MacOS/Genieo.L!MTB severe
PUA:MacOS/PerfectKeylogger.E!MTB severe
Trojan:Win32/Killfiles!MSR severe
VirTool:MSIL/Covent.C severe
VirTool:MSIL/Realm.A severe
Virus:DOS/Cryptlab_2868.A!rfn severe
Trojan:MSIL/Lore.YA!ctv severe

Updated threat detections

Name Severity
Exploit:O97M/CVE-2017-11882!MTB severe
Trojan:Win32/Autorun!lnk severe
Trojan:Win32/Malmsi!MSR severe
Trojan:Win64/CoinMiner!MSR severe
TrojanSpy:Win32/Ursnif!MTB severe
Worm:Win32/Autorun!MSR severe
PWS:Win32/Prast!rfn severe
Ransom:Win32/Gandcrab.C!rfn severe
Trojan:HTML/FakeAlert!MSR severe
Trojan:MSIL/CryptInject!MSR severe
Trojan:Win32/Bumat!rfn severe
Trojan:Win32/Downloader.G!rfn severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet.AC!rfn severe
Trojan:Win32/Eqtonex.F!rfn severe
Trojan:Win32/Generic!rfn severe
Trojan:Win32/Grenam.B!rfn severe
Trojan:Win32/Qakbot.SD!rfn severe
TrojanDownloader:O97M/Dornoe.A!rfn severe
TrojanDownloader:O97M/Dornoe.C!rfn severe
Behavior:Win32/InstallCore.L severe
Trojan:Win32/Remcos!MTB severe
Trojan:Win32/Trickbot.BS!MTB severe
Trojan:PDF/Phish severe
Trojan:Win32/CryptInject!MSR severe
Trojan:Win64/Meterpreter severe
Backdoor:Linux/Mirai!rfn severe
Backdoor:MSIL/Bladabindi severe
Backdoor:MSIL/Noancooe.C severe
Backdoor:Win32/Gaertob.A severe
Backdoor:Win32/Predator.J!rfn severe
DDoS:Linux/Lightaidra!rfn severe
Exploit:O97M/CVE-2017-0199!MTB severe
Exploit:O97M/CVE-2017-11882!ctv severe
Exploit:O97M/CVE-2017-11882!MTB severe
Exploit:O97M/CVE-2017-11882.AW!ctv severe
Exploit:O97M/CVE-2017-11882.AX!ctv severe
Exploit:O97M/CVE-2017-11882.AY!ctv severe
Exploit:O97M/CVE-2017-8570.AL!MTB severe
FriendlyFiles low
HackTool:Win32/AutoKMS high
HackTool:Win32/Keygen!MSR high
HackTool:Win32/Virledi!rfn high
HackTool:Win32/Virledi.A high
PWS:Win32/AgentTesla.YB!rfn severe
PWS:Win32/Prast!rts high
PWS:Win32/Vidar.YB!rfn severe
Ransom:Win32/GandCrab severe
Ransom:Win32/Genasom severe
Ransom:Win32/GrandCrab.SA!rfn severe
Ransom:Win64/Jabaxsta.A severe
Trojan:Linux/CoinMiner!rfn severe
Trojan:Linux/Gafgyt!rfn severe
Trojan:MSIL/Bokytuda.A!rfn severe
Trojan:MSIL/LoressoObfus.B!ctv severe
Trojan:O97M/Obfuse!rfn severe
Trojan:O97M/Sonbokli.A!ctv severe
Trojan:PDF/Sonbokli.A!ctv severe
Trojan:Script/Casur.A!ctv severe
Trojan:Script/Conteban.A!ctv severe
Trojan:Script/Woreflint.A!ctv severe
Trojan:VBS/Sonbokli.A!ctv severe
Trojan:Win32/AutoitInject.BH!rfn severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Bumat!rts high
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/CoinMiner!rfn severe
Trojan:Win32/CoinMiner.C!rfn severe
Trojan:Win32/CryptInject severe
Trojan:Win32/CryptInject!ctv severe
Trojan:Win32/CryptInject!MSR severe
Trojan:Win32/CryptInject.GTLM!rfn severe
Trojan:Win32/DefenseEvasion!rfn severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!dtc severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emali.B!ctv severe
Trojan:Win32/Emotet!rfn severe
Trojan:Win32/Emotet.AC!bit severe
Trojan:Win32/Emotet.AC!rfn severe
Trojan:Win32/Emotet.AD!rfn severe
Trojan:Win32/Emotet.ARJ!rfn severe
Trojan:Win32/Emotet.DS!rfn severe
Trojan:Win32/Emotet.S!rfn severe
Trojan:Win32/Eqtonex.F!dha severe
Trojan:Win32/Esulat.A!ctv severe
Trojan:Win32/Execution!rfn severe
Trojan:Win32/Fareit.VB!MTB severe
Trojan:Win32/Gandcrab.AF severe
Trojan:Win32/Generic!BV severe
Trojan:Win32/Generic!rfn severe
Trojan:Win32/Glupteba.D!rfn severe
Trojan:Win32/Gootkit.AC!rfn severe
Trojan:Win32/Grenam.B!inf severe
Trojan:Win32/Injeber.A!rfn severe
Trojan:Win32/Occamy.B severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Occamy.C!ctv severe
Trojan:Win32/Persistence!rfn severe
Trojan:Win32/Powemet.A!attk severe
Trojan:Win32/PrivilegeEscalation!rfn severe
Trojan:Win32/Pynamer.A!rfn severe
Trojan:Win32/Pynamer.B!rfn severe
Trojan:Win32/Qakbot.SD!rfn severe
Trojan:Win32/Ramnit severe
Trojan:Win32/Skeeyah.A!ctv severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Skeeyah.B!rfn severe
Trojan:Win32/Socelars!rfn severe
Trojan:Win32/Tiggre!ctv severe
Trojan:Win32/Tisar.A!ctv severe
Trojan:Win32/Tisifi.B!ctv severe
Trojan:Win32/TrickBot!MTB severe
Trojan:Win32/TrickBot.I severe
Trojan:Win32/Trufip!rfn severe
Trojan:Win32/Ursnif!rfn severe
Trojan:Win32/Viball.A!ctv severe
Trojan:Win32/Vibven.A!ctv severe
Trojan:Win32/Virumulu.A severe
Trojan:Win32/Wacatac.B!rfn severe
Trojan:Win32/Wacatac.C!ctv severe
TrojanClicker:Win32/Clikug!rfn severe
TrojanDownloader:O97M/Donoff!rfn severe
TrojanDownloader:O97M/Dornoe.A!ams severe
TrojanDownloader:O97M/Dornoe.A!rfn severe
TrojanDownloader:O97M/Dornoe.C!ams severe
TrojanDownloader:O97M/Dornoe.C!rfn severe
TrojanDownloader:O97M/Obfuse.MU!rfn severe
TrojanDownloader:O97M/Predator.ARJ!ctv severe
TrojanDownloader:Script/Nemucod.JAC severe
TrojanDownloader:Win32/Adload!rfn high
TrojanDownloader:Win32/Banload.ZFK!rfn severe
TrojanDownloader:Win32/FakeIE.B severe
TrojanDownloader:Win32/Gratem.A severe
TrojanDownloader:Win32/Troxen!rfn severe
TrojanDownloader:Win32/Upatre.A severe
TrojanDownloader:Win32/Zurgop.AR!rfn severe
TrojanDropper:O97M/Powdow!MTB severe
TrojanDropper:Win32/Bunitu severe
TrojanProxy:Win32/Bunitu.Q!rfn severe
TrojanSpy:Win32/Banload.AAA!rfn severe
TrojanSpy:Win32/Skeeyah.A!rfn severe
Worm:VBS/Jenxcus.K severe
Worm:Win32/Brontok@mm severe
Worm:Win32/Dorkbot severe
Worm:Win32/Dumpy.A severe
Worm:Win32/Phorpiex.M severe
Exploit:O97M/CVE-2010-3333!MSR severe
Exploit:O97M/CVE-2010-3333!MSR severe
Exploit:O97M/CVE-2017-11882!MSR severe
Trojan:Win32/CryptInject!MSR severe
TrojanDownloader:MSIL/Pabin.GG!MTB severe
TrojanDownloader:O97M/Powdow.ARJ!MTB severe
TrojanDropper:O97M/Obfuse.ARJ!MTB severe
TrojanDropper:O97M/Obfuse.ARJ!MTB severe
Worm:Win32/Ainslot!MSR severe
Worm:Win32/Ainslot!MSR severe
Backdoor:MacOS/ShellReverseTcp!MTB severe
Exploit:O97M/CVE-2010-3333!MSR severe
Trojan:HTML/Phish!MTB severe
Trojan:VBS/Nemucod!MSR severe
Trojan:Win32/AgentTesla!MSR severe
Trojan:Win32/CryptInject!MSR severe
Trojan:Win32/Emotet.ARJ!MTB severe
TrojanDownloader:MSIL/Pabin.GG!MTB severe
Worm:Win32/Ainslot!MSR severe
Backdoor:MSIL/Bladabindi severe
Backdoor:Win32/Hupigon severe
Backdoor:Win32/Predator.J!MTB severe
Backdoor:Win32/Predator.J!rfn severe
Backdoor:Win32/QuasarRAT.A severe
Backdoor:Win32/Tofsee.T severe
HackTool:Win32/AutoKMS high
HackTool:Win32/AutoKMS!rfn high
HackTool:Win32/Virledi.A high
PWS:Win32/AgentTesla.YB!rfn severe
PWS:Win32/Zbal.B severe
Ransom:Win32/GandCrab!rfn severe
Ransom:Win32/Genasom severe
Trojan:MSIL/Bokytuda.A!bit severe
Trojan:MSIL/CryptInject!MSR severe
Trojan:O97M/Obfuse!rfn severe
Trojan:O97M/Obfuse.CO severe
Trojan:Win32/AgentTesla!MSR severe
Trojan:Win32/Androm.AC!rfn severe
Trojan:Win32/Bladi!rfn severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/CoinMiner!bit severe
Trojan:Win32/CoinMiner.C!rfn severe
Trojan:Win32/CommandAndControl!rfn severe
Trojan:Win32/CryptInject!MSR severe
Trojan:Win32/DSSDetection severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!dtc severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet!rfn severe
Trojan:Win32/Emotet.AC!bit severe
Trojan:Win32/Emotet.AC!rfn severe
Trojan:Win32/Emotet.DHF!rfn severe
Trojan:Win32/Emotet.PA!rfn severe
Trojan:Win32/Emotet.PB severe
Trojan:Win32/Emotet.PD!rfn severe
Trojan:Win32/Gandcrab.AF severe
Trojan:Win32/Generic!rfn severe
Trojan:Win32/Glupteba.D!rfn severe
Trojan:Win32/Grenam.B!rfn severe
Trojan:Win32/Injeber.A!rfn severe
Trojan:Win32/MereTam.A severe
Trojan:Win32/Occamy.A severe
Trojan:Win32/Occamy.B severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Persistence!rfn severe
Trojan:Win32/Pynamer.A!ac severe
Trojan:Win32/Pynamer.A!rfn severe
Trojan:Win32/Redosdru.W severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Tonmye severe
Trojan:Win32/Wacatac.B!rfn severe
TrojanDownloader:O97M/Donoff!rfn severe
TrojanDownloader:O97M/Dornoe.A!ams severe
TrojanDownloader:O97M/Dornoe.C!ams severe
TrojanDownloader:O97M/Dornoe.C!rfn severe
TrojanDownloader:O97M/MalSpam!MTB severe
TrojanDownloader:O97M/Obfuse.NO!rfn severe
TrojanDownloader:Win32/Adload!rfn high
TrojanDownloader:Win32/FakeIE.B severe
TrojanDownloader:Win32/Zurgop.AR!rfn severe
TrojanSpy:Win32/PerfectKeylogger_147 severe
TrojanSpy:Win32/Skeeyah.A!rfn severe
VirTool:Win32/Injector.JG severe
Worm:Win32/Jenxcus!rfn severe
Exploit:O97M/CVE-2017-0199.ARJ!MTB severe
Exploit:O97M/CVE-2017-0199.ARJ!MTB severe
Trojan:iPhoneOS/Tiniv.A!MTB severe
Trojan:Win32/Emotet.ARJ!MTB severe
Virus:DOS/Cryptlab_2868.C!rfn severe
Virus:DOS/Cryptlab_2868.C!rfn severe
Backdoor:Win32/Predator.J!rfn severe
BrowserModifier:Win32/Foxiebro high
Exploit:O97M/CVE-2017-0199!MTB severe
Exploit:O97M/CVE-2017-0199.ARJ!MTB severe
PWS:Win32/Prast!rfn severe
Ransom:Win32/Gandcrab.C!rfn severe
Trojan:MSIL/CryptInject!MSR severe
Trojan:Win32/CryptInject.PVD!rfn severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet.AC!rfn severe
Trojan:Win32/Emotet.PA!rfn severe
Trojan:Win32/Malagent!rfn severe
Trojan:Win32/Orsam!rfn severe
Trojan:Win32/Persistence!rfn severe
Trojan:Win32/Powessere.K severe
Trojan:Win32/Pynamer.A!rfn severe
Trojan:Win32/Sisproc!rfn severe
Trojan:Win32/Troldesh!rfn severe
TrojanDownloader:O97M/Dornoe.A!rfn severe
TrojanDownloader:Win32/Troxen!rfn severe
Exploit:O97M/CVE-2017-11882!MSR severe
Exploit:O97M/CVE-2017-11882.ARJ!MTB severe
FriendlyFiles low
Ransom:Win32/Ryuk!MSR severe
Trojan:HTML/Phish!MSR severe
Trojan:MacOS/FishHook.A!MTB severe
Trojan:MSIL/CryptInject!MSR severe
Trojan:Win32/CryptInject!MSR severe
Trojan:Win32/Emotet.ARJ!MTB severe
Trojan:Win32/Fareit!MSR severe
VirTool:MSIL/Obfuscator.BQ severe
Backdoor:Linux/Mirai!rfn severe
Backdoor:MSIL/Bladabindi severe
Backdoor:MSIL/Bladabindi.AJ severe
Backdoor:Win32/Bifrose severe
Backdoor:Win32/Fynloski severe
Backdoor:Win32/Fynloski.A severe
Backdoor:Win32/Predator.J!rfn severe
Backdoor:Win32/Zegost severe
BrowserModifier:Win32/SupTab high
HackTool:Win32/Virledi.A high
HackTool:Win32/Wpakill high
PWS:Win32/AgentTesla.YB!MTB severe
PWS:Win32/Fareit.AD!rfn severe
PWS:Win32/Stimilina.E!rfn severe
PWS:Win32/Vidar.YB!rfn severe
Ransom:AndroidOS/LockScreen!rfn severe
Ransom:Win32/Clop!MSR severe
Ransom:Win32/Troldesh.A severe
SoftwareBundler:Win32/Dlhelper high
Trojan:Java/Adwind severe
Trojan:JS/CoinHive.A severe
Trojan:MSIL/Upadter.A severe
Trojan:Win32/Bluteal!rfn severe
Trojan:Win32/Bomitag.D!rfn severe
Trojan:Win32/Bumat!rfn severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/CoinMiner.C!cl severe
Trojan:Win32/CoinMiner.PE severe
Trojan:Win32/CommandAndControl!rfn severe
Trojan:Win32/CryptInject severe
Trojan:Win32/CryptInject.GTLM!rfn severe
Trojan:Win32/Crysteb!rfn severe
Trojan:Win32/Danabot!rfn severe
Trojan:Win32/DefenseEvasion!rfn severe
Trojan:Win32/Downloader.G!rfn severe
Trojan:Win32/Dynamer!ac severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet!rfn severe
Trojan:Win32/Emotet.AC!bit severe
Trojan:Win32/Emotet.DHF!rfn severe
Trojan:Win32/Emotet.DS!rfn severe
Trojan:Win32/Emotet.EB severe
Trojan:Win32/Eqtonex.F!rfn severe
Trojan:Win32/Execution!rfn severe
Trojan:Win32/Gandcrab.AF severe
Trojan:Win32/Generic!BV severe
Trojan:Win32/Generic!rfn severe
Trojan:Win32/Glupteba.D!rfn severe
Trojan:Win32/Mamson.A!rfn severe
Trojan:Win32/Meredrop severe
Trojan:Win32/Nebuler.F.dll severe
Trojan:Win32/Occamy.B severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Persistence!rfn severe
Trojan:Win32/Pynamer.A!rfn severe
Trojan:Win32/Qakbot.SD!rfn severe
Trojan:Win32/Ramnit.A severe
Trojan:Win32/Skeeyah.A!MTB severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Skeeyah.B!rfn severe
Trojan:Win32/Suloc.A severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win32/Tonmye severe
Trojan:Win32/Trickbot.GN severe
Trojan:Win32/Trufip!rts high
Trojan:Win32/Wacatac.B!ml severe
Trojan:Win32/Winexert!rfn severe
Trojan:Win32/Zonidel.A severe
TrojanDownloader:JS/BITSAbuse!rfn severe
TrojanDownloader:JS/Donvibs!rfn severe
TrojanDownloader:JS/Nemucod severe
TrojanDownloader:JS/Nemucod!rfn severe
TrojanDownloader:O97M/Donoff!rfn severe
TrojanDownloader:O97M/Dornoe.A!ams severe
TrojanDownloader:O97M/Dornoe.C!ams severe
TrojanDownloader:O97M/Obfuse.DT severe
TrojanDownloader:O97M/Powdow!rfn severe
TrojanDownloader:Script/Nemucod.JAC severe
TrojanDownloader:VBS/Hiloiu!ams severe
TrojanDownloader:Win32/Adload!rfn high
TrojanDownloader:Win32/Banload!rfn severe
TrojanDownloader:Win32/Dontovo.A severe
TrojanDownloader:Win32/FakeIE.B severe
TrojanDownloader:Win32/Zurgop.AR!rfn severe
TrojanProxy:Win32/Bunitu.Q!bit severe
TrojanProxy:Win32/Bunitu.Q!rfn severe
TrojanSpy:Win32/Banload.AAA!rfn severe
Virus:DOS/Syslock.3551.dam severe
Virus:DOS/Vienna_716.C severe
Virus:Win32/Neshta.A severe
Worm:Win32/Ainslot.N severe
Worm:Win32/Jenxcus severe
Ransom:Win32/Clop!MSR severe
Ransom:Win32/Gandcrab.C!rfn severe
SoftwareBundler:Win32/Dlhelper!rfn high
Trojan:MSIL/CryptInject!rfn severe
Trojan:MSIL/NanoTesla.SV!rfn severe
Trojan:Win32/AutoitInject.BH!rfn severe
Trojan:Win32/Bumat!rfn severe
Trojan:Win32/CryptInject.GTLM!rfn severe
Trojan:Win32/DefenseEvasion!rfn severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Emotet.AC!rfn severe
Trojan:Win32/Esulat.A!rfn severe
Trojan:Win32/FloatCl.AC!rfn severe
Trojan:Win32/Pynamer.A!rfn severe
Trojan:Win32/Sonoko.A!rfn severe
TrojanDownloader:O97M/Dornoe.A!rfn severe
TrojanDownloader:O97M/Dornoe.C!rfn severe
TrojanDownloader:Win32/Troxen!rfn severe
TrojanProxy:Win32/Bunitu.Q!rfn severe
VirTool:MSIL/CryptInject.PD!rfn severe
VirTool:Win32/CeeInject.BDS!rfn severe
Worm:JS/Bondat!rfn severe
FriendlyFiles low
Exploit:O97M/CVE-2017-0199.G!ctv severe
Exploit:O97M/CVE-2017-11882.AW!ctv severe
Exploit:O97M/CVE-2017-11882.AX!ctv severe
Exploit:O97M/CVE-2017-11882.AY!ctv severe
FriendlyFiles low
Trojan:MSIL/LoressoObfus.B!ctv severe
Trojan:Script/Casur.A!ctv severe
Trojan:Script/Oneeva.A!ctv severe
Trojan:Script/Woreflint.A!ctv severe
Trojan:Win32/Bluteal!ctv severe
Trojan:Win32/Esulat.A!ctv severe
Trojan:Win32/Occamy.C!ctv severe
Trojan:Win32/Pwsteal.Q!ctv severe
Trojan:Win32/Skeeyah.A!ctv severe
Trojan:Win32/Tiggre!ctv severe
Trojan:Win32/Tisace.A!ctv severe
Trojan:Win32/Tisar.A!ctv severe
Trojan:Win32/Tisar.B!ctv severe
Trojan:Win32/Tisifi.B!ctv severe
Trojan:Win32/Viball.A!ctv severe
Trojan:Win32/Vibven.A!ctv severe
TrojanDownloader:O97M/Obfuse!ctv severe
TrojanDownloader:O97M/Predator.ARJ!ctv severe