Change logs for security intelligence update version 1.447.123.0

We couldn’t find the update version you requested. Showing the latest version instead.

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know us know through the feedback smiley.

Looking for the latest update? Download the latest update

Security intelligence update version

Released on

4/1/2026 5:09:39 PM

Added threat detections

Name	Severity
Behavior:Linux/SuspExecByNode.SC3	severe
Exploit:O97M/CVE-2017-11882.RVBO!MTB	severe
Ransom:MSIL/FileCoder!AMTB	severe
Ransom:MSIL/Jerwica!AMTB	severe
Trojan:HTML/Phish.D!AMTB	severe
Trojan:HTML/Redirector.D!AMTB	severe
Trojan:HTML/Redirector.E!AMTB	severe
Trojan:HTML/Redirector.GPXM!MTB	severe
Trojan:JS/AgentTesla.VUE!MTB	severe
Trojan:JS/Cryxos.B!AMTB	severe
Trojan:JS/Cryxos.C!AMTB	severe
Trojan:JS/Cryxos.D!AMTB	severe
Trojan:JS/Obfus.GVE!MTB	severe
Trojan:JS/Obfuse.B!AMTB	severe
Trojan:JS/Obfuse.GPXH!MTB	severe
Trojan:JS/Phish.PA!MTB	severe
Trojan:JS/Redirector.GPXD!MTB	severe
Trojan:MSIL/Barys.A!AMTB	severe
Trojan:MSIL/MassLogger.SPIC!MTB	severe
Trojan:MSIL/PureRat.AJ!MTB	severe
Trojan:MSIL/RemcosRAT.SL!MTB	severe
Trojan:MSIL/Rozena.GPAS!MTB	severe
Trojan:PowerShell/AsyncRAT.B!AMTB	severe
Trojan:PowerShell/Boxter.SHL!MTB	severe
Trojan:PowerShell/Obfuse.GPOG!MTB	severe
Trojan:PowerShell/Powedon.A!AMTB	severe
Trojan:PowerShell/XWorm.B!AMTB	severe
Trojan:Script/SvgStealer.DPE!MTB	severe
Trojan:VBS/Boxter.GPF!MTB	severe
Trojan:Win32/AutoitInject.GB!MTB	severe
Trojan:Win32/Dacic.GPAG!MTB	severe
Trojan:Win32/Neoreblamy.NUZ!MTB	severe
Trojan:Win32/Razy.GPJ!MTB	severe
Trojan:Win32/WinLNK.SNU!MTB	severe
Trojan:Win64/Aotera.RVB!MTB	severe
Trojan:Win64/Disco.MK!MTB	severe
Trojan:Win64/DllHijack.GPKB!MTB	severe
Trojan:Win64/DllHijack.GPKC!MTB	severe
Trojan:Win64/Greedy.MX!MTB	severe
Trojan:Win64/HijackLoader.GPF!MTB	severe
Trojan:Win64/Lazy.MKJ!MTB	severe
Trojan:Win64/ValleyRat.AVY!MTB	severe
Trojan:Win64/Zusy.SXP!MTB	severe

Updated threat detections

Name	Severity
Backdoor:Linux/Dakkatoni.az!MTB	severe
Backdoor:MacOS/Mettle.A!MTB	severe
Backdoor:MSIL/AsyncRAT!rfn	severe
Backdoor:MSIL/Bladabindi!rfn	severe
Backdoor:MSIL/XWormRAT!rfn	severe
Backdoor:PHP/LaudanumProxy!AMTB	severe
Backdoor:PHP/Webshell.PA	severe
Backdoor:Win32/Coroxy!rfn	severe
Backdoor:Win32/Remcos!rfn	severe
BrowserModifier:MSIL/MediaArena	high
Exploit:HTML/Shellcode.G!MSR	severe
Exploit:Linux/CVE-2021-3490.C!MTB	severe
Exploit:MacOS/JailBreak.AB!MTB	severe
Exploit:O97M/CVE-2017-0199.VDY!MTB	severe
Exploit:O97M/CVE-2025-53770.DA!ams	severe
Exploit:Ruby/JSShell.G!MSR	severe
Exploit:Win32/RpcDcom!rfn	severe
FriendlyFiles	low
HackTool:Linux/PthToolkitGen.ZZ	high
HackTool:PowerShell/Powersploit	high
HackTool:Python/Impacket!MSR	high
HackTool:Python/Impacket!MTB	high
HackTool:Python/Impacket.AH	high
HackTool:Python/Impacket.AL	high
HackTool:Python/Impacket.BB	high
HackTool:Win32/crack	high
HackTool:Win32/Crack!MTB	high
HackTool:Win32/Keygen	high
HackTool:Win32/Keygen!AMTB	high
HackTool:Win32/Mailpassview!rfn	high
Phish:HTML/FakeLogin.DUW!MTB	severe
PWS:HTML/Phish.RA!MTB	severe
Ransom:Win32/Basta!rfn	severe
Ransom:Win32/Cobra	severe
Ransom:Win32/Helldown!rfn	severe
Ransom:Win32/Lynx!rfn	severe
Ransom:Win32/QilinCrypt.PA!MTB	severe
Ransom:Win32/Trigona!rfn	severe
Ransom:Win64/Crimson.MRZ!MTB	severe
Trojan:AndroidOS/AVerseFalc!rfn	severe
Trojan:AndroidOS/Multiverze!rfn	severe
Trojan:BAT/Qakbot!rfn	severe
Trojan:HTML/Fakecaptcha.RR!MTB	severe
Trojan:HTML/Phish.SXK!MTB	severe
Trojan:HTML/Redirector.BAJ!MTB	severe
Trojan:HTML/ScrInject.SJKP!MTB	severe
Trojan:HTML/ScrInject.SMW!MTB	severe
Trojan:JS/Obfuse.PAI!MTB	severe
Trojan:JS/Obfuse.PAJ!MTB	severe
Trojan:JS/Obfuse.RR!MTB	severe
Trojan:JS/Phish.PA!MTB	severe
Trojan:JS/Redirector.AVSB!MTB	severe
Trojan:JS/Redirector.GPAM!MTB	severe
Trojan:Linux/CoinMiner!rfn	severe
Trojan:Linux/Multiverze!rfn	severe
Trojan:MSIL/CoinMiner!rfn	severe
Trojan:MSIL/CryptTrickldr!rfn	severe
Trojan:MSIL/DllInject!rfn	severe
Trojan:MSIL/Jalapeno!MTB	severe
Trojan:MSIL/LummaC!rfn	severe
Trojan:MSIL/PDFConverter.MX!MTB	severe
Trojan:MSIL/Zusy.SXC!MTB	severe
Trojan:O97M/DDownloader!rfn	severe
Trojan:PDF/Ursinf!rfn	severe
Trojan:PowerShell/GuLoader.PAM!MTB	severe
Trojan:PowerShell/Powersploit.L	severe
Trojan:PowerShell/ReverseShell.SA	severe
Trojan:Python/Bobik.EB!MTB	severe
Trojan:Script/Malgent!MSR	severe
Trojan:VBS/Emotet!rfn	severe
Trojan:VBS/Obfuse.PAH!MTB	severe
Trojan:VBS/Obfuse.PAI!MTB	severe
Trojan:VBS/Obfuse.PAJ!MTB	severe
Trojan:VBS/Qakbot!rfn	severe
Trojan:Win32/Acll!rfn	severe
Trojan:Win32/AgentTesla!ml	severe
Trojan:Win32/Alevaul!rfn	severe
Trojan:Win32/Cerber!rfn	severe
Trojan:Win32/Chopper.A	severe
Trojan:Win32/CryptInject.BT!MTB	severe
Trojan:Win32/DarkGate!rfn	severe
Trojan:Win32/Dynamer!ac	severe
Trojan:Win32/Dynamer!rfn	severe
Trojan:Win32/Egairtigado!rfn	severe
Trojan:Win32/Etset!rfn	severe
Trojan:Win32/Flystudio.AB!MTB	severe
Trojan:Win32/FlyStudio.PGC!MTB	severe
Trojan:Win32/Ibashade.PA!MTB	severe
Trojan:Win32/IcedIdLNK!rfn	severe
Trojan:Win32/Injector.RAQ!MTB	severe
Trojan:Win32/Kazadm.A!MTB	severe
Trojan:Win32/Kepavll!rfn	severe
Trojan:Win32/Leonem!rfn	severe
Trojan:Win32/Malgent	severe
Trojan:Win32/Malgent!MSR	severe
Trojan:Win32/MalLoader!rfn	severe
Trojan:Win32/MereTam!rfn	severe
Trojan:Win32/Pomal!rfn	severe
Trojan:Win32/Primarypass!rfn	severe
Trojan:Win32/Qakbot!rfn	severe
Trojan:Win32/Qwexlafiba!rfn	severe
Trojan:Win32/Ravartar!rfn	severe
Trojan:Win32/Rozena!rfn	severe
Trojan:Win32/Salgorea.C!MTB	severe
Trojan:Win32/Seheq!rfn	severe
Trojan:Win32/ShortSeek!rfn	severe
Trojan:Win32/Skeeyah	severe
Trojan:Win32/Skeeyah.A!rfn	severe
Trojan:Win32/Suschil!rfn	severe
Trojan:Win32/Swisyn.ADA!MTB	severe
Trojan:Win32/Tiggre!rfn	severe
Trojan:Win32/Vindor!rfn	severe
Trojan:Win32/Vindor.AHB!MTB	severe
Trojan:Win32/Virlock.VMX!MTB	severe
Trojan:Win32/WinLNK!rfn	severe
Trojan:Win32/WinLNK.ABL!MTB	severe
Trojan:Win32/WinLNK.HDA!MTB	severe
Trojan:Win32/WinLNK.HDC!MTB	severe
Trojan:Win32/WinLNK.HDD!MTB	severe
Trojan:Win32/WinLNKRun!rfn	severe
Trojan:Win32/XWorm!MSR	severe
Trojan:Win32/Yomal!rfn	severe
Trojan:Win32/Znyonm!rfn	severe
Trojan:Win32/Zusy.KK!MTB	severe
Trojan:Win64/BazaarLoader!rfn	severe
Trojan:Win64/ClipBanker.MX!MTB	severe
Trojan:Win64/CobaltStrike!rfn	severe
Trojan:Win64/CoinMiner!MSR	severe
Trojan:Win64/CoinMiner!rfn	severe
Trojan:Win64/CryptInject!rfn	severe
Trojan:Win64/IcedID!rfn	severe
Trojan:Win64/Injector.EO	severe
Trojan:Win64/Latrodectus!rfn	severe
Trojan:Win64/LummaStealer!AMTB	severe
Trojan:Win64/Meterpreter!MTB	severe
Trojan:Win64/Meterpreter!rfn	severe
Trojan:Win64/Sheheq!rfn	severe
Trojan:Win64/Stealer.MX!MTB	severe
Trojan:Win64/Tedy.SXL!MTB	severe
Trojan:Win64/Tedy.SXM!MTB	severe
Trojan:Win64/Vidar.AT!AMTB	severe
Trojan:Win64/Zusy!MTB	severe
Trojan:Win64/Zusy.PGZI!MTB	severe
TrojanDownloader:BAT/Genmaldwn.K!bit	severe
TrojanDownloader:HTML/Adodb!rfn	severe
TrojanDownloader:HTML/ScrInject.PD!MTB	severe
TrojanDownloader:JS/Qakbot!rfn	severe
TrojanDownloader:MSIL/AgentTesla!rfn	severe
TrojanDownloader:O97M/Donoff	severe
TrojanDownloader:O97M/Emotet!rfn	severe
TrojanSpy:MSIL/Yakbeex!rfn	severe
VirTool:MSIL/Aikaantivm!rfn	severe
VirTool:WinNT/Rootkitdrv!rfn	severe
Worm:MSIL/Lardosy	severe