Skip to main content

Change logs for security intelligence update version 1.449.602.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know us know through the feedback smiley.

Looking for the latest update? Download the latest update

Released on

5/13/2026 7:55:53 PM

Added threat detections

Name Severity
Backdoor:MSIL/WebShell.KK!MTB severe
Behavior:MacOS/SuspInfoExfil.B severe
Behavior:Win32/SuspRundllConnect.C severe
HackTool:Win32/Zusy!MTB high
Phish:HTML/Redirector.AZQ!MTB severe
Phish:HTML/Redirector.AZW!MTB severe
Ransom:Win64/BallerWare.ABWR!MTB severe
Ransom:Win64/SorryRan.PA!MTB severe
Trojan:HTML/Redirector.MZB!MTB severe
Trojan:JS/Cryxos.HBL!MTB severe
Trojan:JS/Kryptik!AMTB severe
Trojan:JS/Obfuse.PISL!MTB severe
Trojan:JS/Redirector.FFS!MTB severe
Trojan:JS/Redirector.GGS!MTB severe
Trojan:MSIL/Filecoder.ZVD!MTB severe
Trojan:MSIL/KillWin.ARR!MTB severe
Trojan:MSIL/QuasarRat.ALUB!MTB severe
Trojan:PowerShell/Boxter.NWD!MTB severe
Trojan:PowerShell/XWorm.SLRT!MTB severe
Trojan:Win32/Neoreblamy.NWJ!MTB severe
Trojan:Win64/AgentTesla.HL!MTB severe
Trojan:Win64/Aotera.AHB!MTB severe
Trojan:Win64/Aotera.LSX!MTB severe
Trojan:Win64/Cerbu.AHK!MTB severe
Trojan:Win64/Havoc.KK!MTB severe
Trojan:Win64/Vidar.SNG!MTB severe
Worm:Win32/Allaple.KK!MTB severe

Updated threat detections

Name Severity
Adware:Win32/BroExt!MSR high
Adware:Win32/Tnega high
Backdoor:Java/Dirtelti.A severe
Backdoor:Linux/DemonBot!rfn severe
Backdoor:MSIL/AsyncRAT!rfn severe
Backdoor:MSIL/Bladabindi!rfn severe
Backdoor:PHP/Remoteshell.D severe
Backdoor:PHP/WebShell!MSR severe
Backdoor:Win32/Padodor.SK!MTB severe
Backdoor:Win32/Simda!pz severe
Backdoor:Win64/Coroxy!rfn severe
Backdoor:Win64/PortStarter!rfn severe
BrowserModifier:MSIL/MediaArena high
BrowserModifier:MSIL/MediaArena!MTB high
BrowserModifier:Win32/Shafmia high
DDoS:Linux/Multiverze!rfn severe
DDoS:Win32/Nitol!pz severe
Exploit:HTML/Shellcode.G!MSR severe
Exploit:O97M/CVE-2017-0199.SZE!MTB severe
Exploit:O97M/CVE-2018-0798!KZH severe
HackTool:Linux/GsNetcat.A!MTB high
HackTool:PowerShell/DumpDBCreds!rfn high
HackTool:PowerShell/PowerSploit.E high
HackTool:Python/Impacket!MSR high
HackTool:Win32/Agent high
HackTool:Win32/AutoKMS high
HackTool:Win32/AutoKMS!MSR high
HackTool:Win32/BrowserPassview!rfn high
HackTool:Win32/crack high
HackTool:Win32/Crack!MTB high
HackTool:Win32/Crack!pz high
HackTool:Win32/Defendercontrol high
HackTool:Win32/Injector!MTB high
HackTool:Win32/Keygen high
HackTool:Win32/Keygen!AMTB high
HackTool:Win32/Keygen!MTB high
HackTool:Win32/Keygen!pz high
HackTool:Win32/Mailpassview!rfn high
HackTool:Win32/Mimikatz high
HackTool:Win32/Patcher high
HackTool:Win64/Crack!MTB high
HackTool:Win64/RemoteAdmin!MTB high
Misleading:Win32/Lodi high
Program:Win32/PatchedTel!MTB high
PWS:Win32/Zbot!pz severe
Ransom:MSIL/FileCoder.KK!MTB severe
Ransom:Win32/Babuk!rfn severe
Ransom:Win32/BlackCat!rfn severe
Ransom:Win32/Conti!rfn severe
Ransom:Win32/Crowti.MKV!MTB severe
Ransom:Win32/CylanceLoader!rfn severe
Ransom:Win32/Filecoder!rfn severe
Ransom:Win32/Helldown!rfn severe
Ransom:Win32/Petya!rfn severe
Ransom:Win64/Akira!rfn severe
Ransom:Win64/BianLian.B!MSR severe
Ransom:Win64/LockBit!rfn severe
Ransom:Win64/Mallox!rfn severe
SupportScam:Win32/Screcwon.MD!MTB severe
Trojan:AndroidOS/AVerseFalc!rfn severe
Trojan:AndroidOS/Casdet!rfn severe
Trojan:BAT/Qakbot!rfn severe
Trojan:HTML/FakeCaptcha.P!MTB severe
Trojan:HTML/Obfuse!rfn severe
Trojan:HTML/Qakbot!rfn severe
Trojan:HTML/Redirector.BA!MTB severe
Trojan:HTML/Redirector.MSS!MTB severe
Trojan:HTML/Redirector.SSF!MTB severe
Trojan:HTML/Redirector.VVZ!MTB severe
Trojan:HTML/Redirector.XXZ!MTB severe
Trojan:HTML/ScrInject.SJKP!MTB severe
Trojan:HTML/ScrInject.SMW!MTB severe
Trojan:HTML/SpamLeonem!rfn severe
Trojan:JS/AgentTesla.P!MTB severe
Trojan:JS/Malgent!MSR severe
Trojan:JS/Obfus!MSR severe
Trojan:JS/QakbotLNK!rfn severe
Trojan:JS/Redirector.TSE!MTB severe
Trojan:Linux/Multiverze!rfn severe
Trojan:MSIL/AgentTesla!MTB severe
Trojan:MSIL/AsyncRat!rfn severe
Trojan:MSIL/BadJoke severe
Trojan:MSIL/CoinMiner!rfn severe
Trojan:MSIL/DiscordStealer.KRX!MTB severe
Trojan:MSIL/Filecoder.ZVD!MTB severe
Trojan:MSIL/FormBook.CD!MTB severe
Trojan:MSIL/Heracles.ARR!MTB severe
Trojan:MSIL/PureRat.ARQB!MTB severe
Trojan:MSIL/QuasarRAT!MTB severe
Trojan:MSIL/Remcos.ASB!MTB severe
Trojan:MSIL/Tedy.KK!MTB severe
Trojan:MSIL/XWorm!rfn severe
Trojan:MSIL/Zilla!MTB severe
Trojan:MSIL/Zusy!MTB severe
Trojan:O97M/DDownloader!rfn severe
Trojan:PDF/Ursinf!rfn severe
Trojan:PowerShell/Boxter.AIUB!MTB severe
Trojan:PowerShell/Boxter.HJD!MTB severe
Trojan:PowerShell/Malgent!rfn severe
Trojan:PowerShell/Pklotide.A severe
Trojan:PowerShell/Pterodo!rfn severe
Trojan:PowerShell/QakBot!rfn severe
Trojan:Python/Bobik.EB!MTB severe
Trojan:Python/Downloader.SA severe
Trojan:Script/Malgent!MSR severe
Trojan:Script/Multiverze!rfn severe
Trojan:Unix/Multiverze!rfn severe
Trojan:VBS/Emotet!rfn severe
Trojan:VBS/Obfuse!rfn severe
Trojan:VBS/Qakbot!rfn severe
Trojan:Win32/Acll!rfn severe
Trojan:Win32/Agent!MSR severe
Trojan:Win32/AgentCrypt!rfn severe
Trojan:Win32/Alevaul!rfn severe
Trojan:Win32/Amadey!rfn severe
Trojan:Win32/AntiVm!rfn severe
Trojan:Win32/Apolmy.C severe
Trojan:Win32/AutoRun!AMTB severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/Ceevee severe
Trojan:Win32/Cerber!rfn severe
Trojan:Win32/CobaltStrike!pz severe
Trojan:Win32/CoinMiner!AMTB severe
Trojan:Win32/Copak.GPX!MTB severe
Trojan:Win32/Copak.KAV!MTB severe
Trojan:Win32/CoreWarrior.DA!MTB severe
Trojan:Win32/CryptInject!rfn severe
Trojan:Win32/DllInject!rfn severe
Trojan:Win32/Doina.MBHT!MTB severe
Trojan:Win32/Egairtigado!rfn severe
Trojan:Win32/Fareit.VB!MTB severe
Trojan:Win32/Farfli.SXA!MTB severe
Trojan:Win32/Fauppod!rfn severe
Trojan:Win32/Flystudio!pz severe
Trojan:Win32/FlyStudio.PGC!MTB severe
Trojan:Win32/FormBook!pz severe
Trojan:Win32/Glupteba!rfn severe
Trojan:Win32/Grandoreiro!pz severe
Trojan:Win32/GuLoader!rfn severe
Trojan:Win32/GuLoader.OSX!MTB severe
Trojan:Win32/IcedIDLNK!rfn severe
Trojan:Win32/ICLoader!pz severe
Trojan:Win32/InfoStealer severe
Trojan:Win32/Injector.RAQ!MTB severe
Trojan:Win32/InjectorCrypt!rfn severe
Trojan:Win32/InjectorCrypt.SN!MTB severe
Trojan:Win32/IRCBot.EN!MTB severe
Trojan:Win32/Kazadm.A!MTB severe
Trojan:Win32/Kepavll!rfn severe
Trojan:Win32/Keygen!pz severe
Trojan:Win32/Killav severe
Trojan:Win32/Latrodectus!rfn severe
Trojan:Win32/Leonem!rfn severe
Trojan:Win32/LodaRAT.EA!MTB severe
Trojan:Win32/LummaStealer severe
Trojan:Win32/Malgent severe
Trojan:Win32/Malgent!MSR severe
Trojan:Win32/Malgent!MTB severe
Trojan:Win32/Malgent!rfn severe
Trojan:Win32/MereTam!rfn severe
Trojan:Win32/Neoreblamy!rfn severe
Trojan:Win32/Oyester!rfn severe
Trojan:Win32/PhishLeonem!rfn severe
Trojan:Win32/Pikabot!rfn severe
Trojan:Win32/Pomal!rfn severe
Trojan:Win32/Pterodo!rfn severe
Trojan:Win32/Qakbot!rfn severe
Trojan:Win32/Qukart.ASO!MTB severe
Trojan:Win32/Qwexlafiba!rfn severe
Trojan:Win32/Ravartar!rfn severe
Trojan:Win32/Remcos!rfn severe
Trojan:Win32/SalatStealer!MTB severe
Trojan:Win32/Seheq!rfn severe
Trojan:Win32/Shellara!rfn severe
Trojan:Win32/ShellcodeRunner!MTB severe
Trojan:Win32/ShellCodeRunner.KK!MTB severe
Trojan:Win32/ShellcodeRunner.SXA!MTB severe
Trojan:Win32/Skeeyah.A!MTB severe
Trojan:Win32/SpyBanker!rfn severe
Trojan:Win32/Supma.A severe
Trojan:Win32/Suschil!rfn severe
Trojan:Win32/Swisyn.ADA!MTB severe
Trojan:Win32/Tedy!MTB severe
Trojan:Win32/Tiggre severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win32/Tnega!MSR severe
Trojan:Win32/VBClone.GTT!MTB severe
Trojan:Win32/WinLNK!rfn severe
Trojan:Win32/WinLNK.HFJ!MTB severe
Trojan:Win32/XenoRat!MSR severe
Trojan:Win32/Yomal!rfn severe
Trojan:Win32/Zbot.HBAI!MTB severe
Trojan:Win32/Zloader!rfn severe
Trojan:Win32/Znyonm!rfn severe
Trojan:Win32/Zusy.BL!MTB severe
Trojan:Win32/Zusy.KK!MTB severe
Trojan:Win64/Aotera!MTB severe
Trojan:Win64/BLackWidow!rfn severe
Trojan:Win64/CobaltStrike!rfn severe
Trojan:Win64/CoinMiner!MTB severe
Trojan:Win64/CoinMiner!rfn severe
Trojan:Win64/CryptInject!rfn severe
Trojan:Win64/DllInjector!MTB severe
Trojan:Win64/Donut!rfn severe
Trojan:Win64/Emotet!rfn severe
Trojan:Win64/EmotetPacker!rfn severe
Trojan:Win64/IcedID!rfn severe
Trojan:Win64/Jalapeno.ARR!MTB severe
Trojan:Win64/Latrodectus!rfn severe
Trojan:Win64/Lazy!MTB severe
Trojan:Win64/Malgent!MTB severe
Trojan:Win64/Malgent!rfn severe
Trojan:Win64/Oysterloader!rfn severe
Trojan:Win64/RustyStealer.CP!MTB severe
Trojan:Win64/Sheheq!rfn severe
Trojan:Win64/ShellcodeRunner!MTB severe
Trojan:Win64/Shelm!rfn severe
Trojan:Win64/Stealerc!MTB severe
Trojan:Win64/Tedy!MTB severe
Trojan:Win64/VMProtect!MTB severe
Trojan:Win64/XWorm.VGY!MTB severe
Trojan:Win64/ZLoader!rfn severe
Trojan:Win64/ZLoaderE!rfn severe
Trojan:Win64/Zusy.KKB!MTB severe
Trojan:WinNT/Sality!rfn severe
TrojanClicker:Win32/Doplik.Q severe
TrojanDownloader:BAT/QakBotLoader!rfn severe
TrojanDownloader:JS/Malgent!rfn severe
TrojanDownloader:JS/NetLoader!MTB severe
TrojanDownloader:JS/Qakbot!rfn severe
TrojanDownloader:O97M/Emotet!rfn severe
TrojanDownloader:O97M/Emotet.AL!MTB severe
TrojanDownloader:O97M/EncDoc.BK!MTB severe
TrojanDownloader:PDF/Qakbot!rfn severe
TrojanDownloader:PowerShell/Obfuse!rfn severe
TrojanDownloader:SWF/Esaprof!pz severe
TrojanDownloader:Win32/Citeary!rfn severe
TrojanDownloader:Win32/Loan.BG!MTB severe
TrojanDownloader:Win32/ShortSeek!rfn severe
TrojanDownloader:Win64/Dlass!pz severe
TrojanDropper:Win32/Muldrop.V!MTB severe
VirTool:Java/Meterpreter.A severe
VirTool:MSIL/Aikaantivm!rfn severe
VirTool:Win64/CobaltStrike!rfn severe
VirTool:WinNT/Rootkitdrv!rfn severe
Worm:Win32/AutoRun!pz severe
Worm:Win32/Brontok!rfn severe
Worm:Win32/Citeary!rfn severe
Worm:Win32/Fadok!pz severe
Worm:Win32/FakeFolder!pz severe
Worm:Win32/Ganelp.AF!MTB severe
Worm:Win32/Helompy!pz severe
Worm:Win32/Lightmoon!pz severe
Worm:Win32/Mofksys!rfn severe
Worm:Win32/Mydoom.PB!MTB severe
Worm:Win32/Nuqel!pz severe
Worm:Win32/Nuqel!rfn severe
Worm:Win32/Sohanad!rfn severe