Change logs for security intelligence update version 1.443.186.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know us know through the feedback smiley.

Looking for the latest update? Download the latest update

Security intelligence update version

Released on

12/18/2025 3:57:43 AM

Added threat detections

Name	Severity
Behavior:Win32/Amadey.DF!MTB	severe
HackTool:Win32/Meterpreter!MTB	high
Trojan:BAT/XWorm.PP!MTB	severe
Trojan:HTML/FakeLogin.SMB!MSR	severe
Trojan:JS/Obfuse.AONB!MTB	severe
Trojan:MSIL/Zilla.ABMZ!MTB	severe
Trojan:PowerShell/CVE-2025-64669.DA!MTB	severe
Trojan:PowerShell/XWorm.P!MTB	severe
Trojan:PowerShell/Xworm.RR!MTB	severe
Trojan:VBA/AsyncRAT!AMTB	severe
Trojan:VBS/FormBook!MSR	severe
Trojan:Win32/Cynamer!MTB	severe
Trojan:Win32/GhostRAT.SPVX!MTB	severe
Trojan:Win32/Goptaju.A	severe
Trojan:Win32/Remcos.RSU!MTB	severe
Trojan:Win64/Amadey.AA!AMTB	severe
Trojan:Win64/KillWin.SX!MTB	severe
Trojan:Win64/PoolInjet!MTB	severe
Trojan:Win64/Rozena.YAI!MTB	severe
Trojan:Win64/Shellcode.PGSH!MTB	severe
Trojan:Win64/StealC.NRE!MTB	severe

Updated threat detections

Name	Severity
Adware:Win32/AdLoad	high
Adware:Win32/Agent	high
Adware:Win32/Coupons	high
Adware:Win32/loderka	high
Adware:Win32/Tnega	high
Backdoor:Java/Meterpreter	severe
Backdoor:MSIL/AsyncRat!rfn	severe
Backdoor:MSIL/Bladabindi!rfn	severe
Backdoor:MSIL/IRCbot!rfn	severe
Backdoor:PHP/C99shell!rfn	severe
Backdoor:PHP/Dirtelti.OD	severe
Backdoor:PHP/Webshell.PA	severe
Backdoor:Unix/Multiverze!rfn	severe
Backdoor:Win32/Bifrose!MTB	severe
Backdoor:Win32/Fynloski!rfn	severe
Backdoor:Win32/Koceg!rfn	severe
Backdoor:Win64/MeterpreterReverseShell!rfn	severe
Backdoor:Win64/Vankul!rfn	severe
Behavior:Win32/KryptosNote.A	severe
Behavior:Win32/KryptosNote.B	severe
Behavior:Win32/ShinyBeehive.D!dha	severe
Behavior:Win32/ShinyBeehive.E!dha	severe
BrowserModifier:Win32/MediaArena	high
BrowserModifier:Win32/Shafmia	high
Exploit:JS/SetSlice.B	severe
Exploit:O97M/CVE-2017-11882!KZH	severe
Exploit:Ruby/JSShell.G!MSR	severe
Exploit:Win32/DDEDownloader	severe
Exploit:Win32/ShellCode.A	severe
Exploit:Win32/ShellCode.gen!C	severe
Exploit:Win64/CVE-2022-3699.B!MSR	severe
Exploit:Win64/Kodashill.A	severe
HackTool:MSIL/AutoKMS!rfn	high
HackTool:PowerShell/DumpDBCreds!rfn	high
HackTool:PowerShell/MalScript!MSR	high
HackTool:PowerShell/Powersploit	high
HackTool:PowerShell/PowerSploit.E	high
HackTool:Python/Impacket!MSR	high
HackTool:Python/Impacket.AAI!MSR	high
HackTool:Python/Impacket.AP	high
HackTool:Python/PWDump!MSR	high
HackTool:Win32/Activator	high
HackTool:Win32/AdFind!AMTB	high
HackTool:Win32/Agent	high
HackTool:Win32/AutoKMS	high
HackTool:Win32/AutoKMS!MTB	high
HackTool:Win32/CheatEngine	high
HackTool:Win32/Chisel!rfn	high
HackTool:Win32/CmosPwd.A	high
HackTool:Win32/crack	high
HackTool:Win32/Crack!MTB	high
HackTool:Win32/Crack!rfn	high
HackTool:Win32/Defendercontrol	high
HackTool:Win32/Defendercontrol.A	high
HackTool:Win32/DongleHack	high
HackTool:Win32/FRProxy	high
HackTool:Win32/GameHack!MTB	high
HackTool:Win32/Injector!MTB	high
HackTool:Win32/Keygen	high
HackTool:Win32/Keygen!MSR	high
HackTool:Win32/Keygen!MTB	high
HackTool:Win32/Keygen!rfn	high
HackTool:Win32/Mailpassview!rfn	high
HackTool:Win32/Malgent	high
HackTool:Win32/Malgent!MSR	high
HackTool:Win32/MeltScreen!MTB	high
HackTool:Win32/Meterpreter.A!dll	high
HackTool:Win32/Mimikatz.A!dha	high
HackTool:Win32/Netpass!MSR	high
HackTool:Win32/Ntscan	high
HackTool:Win32/Passview	high
HackTool:Win32/Passview!MTB	high
HackTool:Win32/PasswordRecovery	high
HackTool:Win32/Patcher	high
HackTool:Win32/Patcher!AMTB	high
HackTool:Win32/Patcher!MTB	high
HackTool:Win32/Tnega	high
HackTool:Win32/Tnega!MSR	high
HackTool:Win32/UACMe.RK!MTB	high
HackTool:Win32/Unlocker!MSR	high
HackTool:Win32/Unlocker!MTB	high
HackTool:Win64/Malgent!MSR	high
HackTool:Win64/Meterpreter	high
HackTool:Win64/Mikatz!dha	high
Misleading:Win32/Lodi	high
Misleading:Win32/Lodi!MSR	high
Misleading:Win32/Malgent!AMTB	high
MonitoringTool:Win32/MicTrayDebugger	severe
MonitoringTool:Win32/TektonIt	severe
Program:MacOS/Multiverze!rfn	high
PWS:MSIL/Gruppw.A!dha	severe
PWS:MSIL/Stealer!rfn	severe
PWS:Win32/Fignotok.A	severe
Ransom:BAT/DisableDefender.A!dha	severe
Ransom:Linux/Conti!rfn	severe
Ransom:Linux/Qilin.A!MTB	severe
Ransom:MacOS/Filecoder!rfn	severe
Ransom:MSIL/HiddenTear!rfn	severe
Ransom:PowerShell/Roduk	severe
Ransom:Win32/BlackCat!rfn	severe
Ransom:Win32/ContiCrypt!rfn	severe
Ransom:Win32/Crilock.A	severe
Ransom:Win32/Flocked.YAD!MTB	severe
Ransom:Win32/Lynx!rfn	severe
Ransom:Win32/Qilinloader!rfn	severe
Ransom:Win32/Wannaren!rfn	severe
Ransom:Win32/WarLock!rfn	severe
Ransom:Win64/Akira!rfn	severe
Ransom:Win64/Mallox!rfn	severe
Tool:Linux/Multiverze!rfn	moderate
Trojan:AndroidOS/AVerseFalc!rfn	severe
Trojan:AndroidOS/SAgnt!MTB	severe
Trojan:BAT/Malscript!MTB	severe
Trojan:BAT/Qakbot!rfn	severe
Trojan:HTML/FakeAlert!rfn	severe
Trojan:HTML/FakeLogin.A!AMTB	severe
Trojan:HTML/IcedID!rfn	severe
Trojan:HTML/Qakbot!rfn	severe
Trojan:HTML/Redirector.KGF!MTB	severe
Trojan:JS/AgentTesla!rfn	severe
Trojan:JS/AutoRun!AMTB	severe
Trojan:JS/GuLoader.SOJ!MTB	severe
Trojan:JS/Obfuse!AMTB	severe
Trojan:JS/Obfuse!MSR	severe
Trojan:JS/Obfuse.PRS!MTB	severe
Trojan:JS/PhoexRef.F	severe
Trojan:Linux/Multiverze!rfn	severe
Trojan:MSIL/AgentTesla!rfn	severe
Trojan:MSIL/CoinMiner!rfn	severe
Trojan:MSIL/Confuser	severe
Trojan:MSIL/CryptInject!MSR	severe
Trojan:MSIL/DllInject!rfn	severe
Trojan:MSIL/DllInject.N!MTB	severe
Trojan:MSIL/Gentromal.A	severe
Trojan:MSIL/Malgent!MSR	severe
Trojan:MSIL/Redline!rfn	severe
Trojan:MSIL/RedLineStealer!rfn	severe
Trojan:MSIL/XWorm.RR!MTB	severe
Trojan:MSIL/XWStealer!rfn	severe
Trojan:O97M/DDownloader!rfn	severe
Trojan:O97M/Phish!MSR	severe
Trojan:PDF/Phish!MSR	severe
Trojan:PDF/Phish!rfn	severe
Trojan:PDF/Ursinf!rfn	severe
Trojan:PowerShell/Agent.AKD	severe
Trojan:PowerShell/CredentialPhisher	severe
Trojan:PowerShell/Malagent!MSR	severe
Trojan:PowerShell/Malgent!MSR	severe
Trojan:PowerShell/ReverseShell.SA	severe
Trojan:Python/Tnega!MSR	severe
Trojan:Script/Malgent!MSR	severe
Trojan:Script/Multiverze!rfn	severe
Trojan:Script/Obfuse	severe
Trojan:VBS/Emotet!rfn	severe
Trojan:VBS/GuLoader.RBF!MTB	severe
Trojan:VBS/GuLoader.SNY!MTB	severe
Trojan:VBS/Obfuse!rfn	severe
Trojan:VBS/Qakbot!rfn	severe
Trojan:Win2K/Malgent	severe
Trojan:Win32/Acll!rfn	severe
Trojan:Win32/ACRStealer!rfn	severe
Trojan:Win32/Agent!MSR	severe
Trojan:Win32/Agent!rfn	severe
Trojan:Win32/Alevaul!rfn	severe
Trojan:Win32/Amadey!rfn	severe
Trojan:Win32/AutoInject.NRA!MTB	severe
Trojan:Win32/AutoitNuqel!rfn	severe
Trojan:Win32/Blacksuit!rfn	severe
Trojan:Win32/Bluteal!rfn	severe
Trojan:Win32/Casdet!rfn	severe
Trojan:Win32/Ceevee	severe
Trojan:Win32/CoinMiner	severe
Trojan:Win32/Coroxy!rfn	severe
Trojan:Win32/DllInject!rfn	severe
Trojan:Win32/Dridex!rfn	severe
Trojan:Win32/DSSDetection	severe
Trojan:Win32/Dynamer!ac	severe
Trojan:Win32/Dynamer!rfn	severe
Trojan:Win32/Egairtigado!rfn	severe
Trojan:Win32/Ekstak!MTB	severe
Trojan:Win32/Ekstak!rfn	severe
Trojan:Win32/Etset!rfn	severe
Trojan:Win32/Farfli!rfn	severe
Trojan:Win32/Flystudio!MTB	severe
Trojan:Win32/FormBook!rfn	severe
Trojan:Win32/Gcleaner.AGL!MTB	severe
Trojan:Win32/Glupteba!MTB	severe
Trojan:Win32/Grandoreiro!rfn	severe
Trojan:Win32/GuLoader.RVAO!MTB	severe
Trojan:Win32/IcedIDLNK!rfn	severe
Trojan:Win32/ICLoader!rfn	severe
Trojan:Win32/Kepavll!rfn	severe
Trojan:Win32/Lazy!MTB	severe
Trojan:Win32/Leonem!rfn	severe
Trojan:Win32/LokiBot!rfn	severe
Trojan:Win32/Malagent	severe
Trojan:Win32/Malagent!rfn	severe
Trojan:Win32/Malgent	severe
Trojan:Win32/Malgent!AMTB	severe
Trojan:Win32/Malgent!MSR	severe
Trojan:Win32/Malgent!MTB	severe
Trojan:Win32/MalLoader!rfn	severe
Trojan:Win32/Marte!MTB	severe
Trojan:Win32/Masson.A!ac	severe
Trojan:Win32/Matanbuch!rfn	severe
Trojan:Win32/MereTam!rfn	severe
Trojan:Win32/Meterpreter!rfn	severe
Trojan:Win32/Meterpreter.A	severe
Trojan:Win32/Neoreblamy!MTB	severe
Trojan:Win32/Neoreblamy.NFL!MTB	severe
Trojan:Win32/NetLoader!rfn	severe
Trojan:Win32/NetWire!rfn	severe
Trojan:Win32/Ninunarch!rfn	severe
Trojan:Win32/NSISInject.RD!MTB	severe
Trojan:Win32/Otfrem.A!MTB	severe
Trojan:Win32/Pasta!rfn	severe
Trojan:Win32/PhishLeonem!rfn	severe
Trojan:Win32/Pomal!rfn	severe
Trojan:Win32/Qakbot!rfn	severe
Trojan:Win32/Reconyc!rfn	severe
Trojan:Win32/Sabsik!MSR	severe
Trojan:Win32/Salgorea.C!MTB	severe
Trojan:Win32/Seheq!rfn	severe
Trojan:Win32/ShellcodeLoader.AHD!MTB	severe
Trojan:Win32/ShellcodeRunner.LMC!MTB	severe
Trojan:Win32/ShortSeek!rfn	severe
Trojan:Win32/Skeeyah	severe
Trojan:Win32/SpyBanker!rfn	severe
Trojan:Win32/StealC!rfn	severe
Trojan:Win32/Suschil!rfn	severe
Trojan:Win32/SystemBC!MTB	severe
Trojan:Win32/SystemBC!rfn	severe
Trojan:Win32/Tedy!MTB	severe
Trojan:Win32/Tiggre!rfn	severe
Trojan:Win32/Trickbot!rfn	severe
Trojan:Win32/TurtleLoader!rfn	severe
Trojan:Win32/Ursnif!rfn	severe
Trojan:Win32/Vundo.AHC!MTB	severe
Trojan:Win32/Wacatac!rfn	severe
Trojan:Win32/WinLNK!rfn	severe
Trojan:Win32/XWormRAT!AMTB	severe
Trojan:Win32/Ymacco.ABC3	severe
Trojan:Win32/Yomal!rfn	severe
Trojan:Win32/Znyonm!rfn	severe
Trojan:Win32/Zusy!MTB	severe
Trojan:Win64/Amadey!MTB	severe
Trojan:Win64/Amadey.AA!AMTB	severe
Trojan:Win64/BazarLoader!rfn	severe
Trojan:Win64/BlunderBlight!rfn	severe
Trojan:Win64/BrutRatel!rfn	severe
Trojan:Win64/Cobaltstrike!rfn	severe
Trojan:Win64/CoinMiner!MTB	severe
Trojan:Win64/CoinMiner!rfn	severe
Trojan:Win64/CryptInject!MSR	severe
Trojan:Win64/CryptInject!rfn	severe
Trojan:Win64/DisguisedXMRigMiner	severe
Trojan:Win64/DllInject!rfn	severe
Trojan:Win64/Donut!rfn	severe
Trojan:Win64/Emotet!rfn	severe
Trojan:Win64/Emotetcrypt!rfn	severe
Trojan:Win64/EmotetPacker!rfn	severe
Trojan:Win64/IcedID!rfn	severe
Trojan:Win64/KillAV!rfn	severe
Trojan:Win64/Kryptik!MTB	severe
Trojan:Win64/Latrodectus!rfn	severe
Trojan:Win64/Lazy!MTB	severe
Trojan:Win64/Loader!MTB	severe
Trojan:Win64/Malgent!MSR	severe
Trojan:Win64/Malgent!MTB	severe
Trojan:Win64/Maloder!rfn	severe
Trojan:Win64/Meterpreter!rfn	severe
Trojan:Win64/OyesterLoader!rfn	severe
Trojan:Win64/Oyster!MTB	severe
Trojan:Win64/PoolInjet!MTB	severe
Trojan:Win64/Redcap!rfn	severe
Trojan:Win64/ReflectiveLoader	severe
Trojan:Win64/Rootkit!rfn	severe
Trojan:Win64/ShellcodeRunner.NRG!MTB	severe
Trojan:Win64/SpyLoader!rfn	severe
Trojan:Win64/Stealc!MTB	severe
Trojan:Win64/TamperedChef!MSR	severe
Trojan:Win64/TamperedChef.GVC!MTB	severe
Trojan:Win64/Tedy!MTB	severe
Trojan:Win64/Tedy!rfn	severe
Trojan:Win64/TurtleLoader!rfn	severe
Trojan:Win64/Vidar!MTB	severe
Trojan:Win64/ZLoader!rfn	severe
Trojan:Win64/Zusy!MTB	severe
TrojanClicker:Win32/Doplik.R	severe
TrojanClicker:Win32/Yabector	severe
TrojanDownloader:BAT/QakBotLoader!rfn	severe
TrojanDownloader:HTML/Adodb.gen!A	severe
TrojanDownloader:JS/Qakbot!rfn	severe
TrojanDownloader:MSIL/Mallox!rfn	severe
TrojanDownloader:O97M/Emotet!rfn	severe
TrojanDownloader:Win32/Contaskitar!rfn	severe
TrojanDownloader:Win32/Pipsek!rfn	severe
TrojanDownloader:Win32/Rugmi!AMTB	severe
TrojanDownloader:Win32/Sinresby!rfn	severe
TrojanDownloader:Win64/BazaarLoader!rfn	severe
TrojanDropper:PowerShell/Injector!MSR	severe
TrojanDropper:Win32/Malgent!MSR	severe
TrojanDropper:Win32/Pykspa.A	severe
VirTool:MSIL/Aikaantivm!rfn	severe
VirTool:MSIL/Masky	severe
VirTool:Win32/CeeInject!rfn	severe
VirTool:Win32/Tabloid!MTB	severe
VirTool:Win32/VBInject!BP	severe
VirTool:Win32/VBInject!rfn	severe
VirTool:Win64/CobaltStrike!rfn	severe
Virus:Win64/Expiro!rfn	severe
Worm:Win32/AutoRun!AMTB	severe
Worm:Win32/Citeary!rfn	severe
Worm:Win32/Fesber!rfn	severe
Worm:Win32/Gamarue.AN	severe