Change logs for security intelligence update version 1.291.500.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know through the feedback smiley.

Released on: 3/27/2019 1:19:59 PM

Added threat detections

Name Severity
hacktool:win32/passwordfox.a!bit high
trojandownloader:o97m/obfuse.dz!ams severe

Updated threat detections

Name Severity
backdoor:linux/mirai!rfn severe
backdoor:msil/bladabindi severe
backdoor:msil/bladabindi!rfn severe
backdoor:msil/bladabindi.aj severe
backdoor:msil/bladabindi.al severe
backdoor:msil/bladabindi.b severe
backdoor:msil/boilod.a severe
backdoor:msil/noancooe!rfn severe
backdoor:msil/noancooe.a severe
backdoor:msil/noancooe.b severe
backdoor:msil/noancooe.c severe
backdoor:msil/orcusrot.a severe
backdoor:win32/beastdoor!rfn severe
backdoor:win32/berbew!rfn severe
backdoor:win32/berbew.bu severe
backdoor:win32/berbew.dx severe
backdoor:win32/bifrose severe
backdoor:win32/dodiw.a severe
backdoor:win32/dridex.sd!mtb severe
backdoor:win32/floxif severe
backdoor:win32/fynloski severe
backdoor:win32/fynloski!rfn severe
backdoor:win32/fynloski.a severe
backdoor:win32/gaertob.a severe
backdoor:win32/ircbot!rfn severe
backdoor:win32/kirts!rfn severe
backdoor:win32/kirts.a severe
backdoor:win32/koceg severe
backdoor:win32/koceg!rfn severe
backdoor:win32/limerat!rfn severe
backdoor:win32/limerat.ya!mtb severe
backdoor:win32/pedex!rfn severe
backdoor:win32/predator.j!mtb severe
backdoor:win32/qakbot!rfn severe
backdoor:win32/qakbot.t severe
backdoor:win32/quasarrat.a severe
backdoor:win32/remcos.a!mtb severe
backdoor:win32/rescoms.b severe
backdoor:win32/sdbot!rfn severe
backdoor:win32/simbot severe
backdoor:win32/simda severe
backdoor:win32/tofsee!rfn severe
backdoor:win32/tofsee.f severe
backdoor:win32/tofsee.t severe
backdoor:win32/wabot!rfn severe
backdoor:win32/xiclog!rfn severe
backdoor:win32/xtrat!rfn severe
backdoor:win32/xtrat.a severe
backdoor:win32/zegost!rfn severe
backdoor:win32/zegost.b severe
backdoor:win32/zegost.bx severe
backdoor:win32/zegost.l severe
backdoor:win32/zegost.z severe
backdoor:win64/drixed!rfn severe
browsermodifier:win32/foxiebro high
browsermodifier:win32/prifou high
browsermodifier:win32/webalta high
ddos:linux/lightaidra!rfn severe
ddos:win32/nitol!rfn severe
ddos:win32/nitol.b severe
exploit:html/iframeref!rfn severe
exploit:js/blacole!rfn severe
exploit:o97m/cve-2017-11882!rfn severe
exploit:o97m/ddedownloader!rfn severe
exploit:o97m/ddedownloader.o severe
exploit:o97m/ddedownloader.p severe
exploit:python/leivion!rfn severe
exploit:vbs/ms06014!rfn severe
exploit:win32/cve-2012-0158!rfn severe
exploit:win32/ms08067 severe
exploit:win32/shellcode severe
hacktool:win32/autokms high
hacktool:win32/autokms!rfn high
hacktool:win32/chromepass high
hacktool:win32/gendows high
hacktool:win32/imminent.ac!mtb high
hacktool:win32/kapahyku.a high
hacktool:win32/keygen high
hacktool:win32/keygen!bit high
hacktool:win32/lazagne!rfn high
hacktool:win32/mailpassview high
hacktool:win32/passwordfox high
hacktool:win32/rabased high
hacktool:win64/meterpreter.a!bit high
hacktool:win64/mikatz!rfn high
pws:html/phish!rfn severe
pws:msil/wealwedst.a severe
pws:pdf/phish severe
pws:pdf/phish!rfn severe
pws:win32/agenttesla.ya!mtb severe
pws:win32/bzub severe
pws:win32/bzub!rfn severe
pws:win32/enterak!rfn severe
pws:win32/fareit severe
pws:win32/fareit.ad!mtb severe
pws:win32/ldpinch severe
pws:win32/mocrt!rfn severe
pws:win32/mocrt.a!mtb severe
pws:win32/mofksys!rfn severe
pws:win32/pony.m!mtb severe
pws:win32/primarypass!rfn severe
pws:win32/primarypass.a severe
pws:win32/qqpass!rfn severe
pws:win32/qqpass.ci severe
pws:win32/qqpass.kb severe
pws:win32/qqthief!rfn severe
pws:win32/sapbexts!rfn severe
pws:win32/sapbexts.b severe
pws:win32/stimilina!rfn severe
pws:win32/vidar.yb!mtb severe
pws:win32/zbot!ci severe
pws:win32/zbot!rfn severe
pws:win32/zbot!za severe
ransom:androidos/fakelt!rfn severe
ransom:msil/jigsawlocker!rfn severe
ransom:win32/bosloki.a severe
ransom:win32/cerber!rfn severe
ransom:win32/crysis.pa!mtb severe
ransom:win32/gandcrab!rfn severe
ransom:win32/gandcrab.ae severe
ransom:win32/genasom severe
ransom:win32/lockergoga.d severe
ransom:win32/lyposit!rfn severe
ransom:win32/tobfy!rfn severe
ransom:win32/troldesh.a severe
rogue:win32/fakecog severe
rogue:win32/fakepav!rfn severe
rogue:win32/onescan!rfn severe
rogue:win32/winwebsec!rfn severe
softwarebundler:win32/dlhelper high
supportscam:js/techbrolo!rfn severe
trojan:androidos/autoins!rfn severe
trojan:androidos/dougalek!rfn severe
trojan:androidos/gingermaster!rfn severe
trojan:androidos/hiddad!rfn severe
trojan:androidos/kapuser!rfn severe
trojan:androidos/kmin!rfn severe
trojan:androidos/plankton!rfn severe
trojan:androidos/smser!rfn severe
trojan:androidos/spitmo!rfn severe
trojan:bat/nabucur.a severe
trojan:html/iframe!rfn severe
trojan:html/redirector!rfn severe
trojan:java/cve-2012-4681!rfn severe
trojan:java/jaraut.b severe
trojan:java/jrat severe
trojan:java/jrat.c severe
trojan:js/blacoleref!rfn severe
trojan:js/coinhive severe
trojan:js/coinhive!rfn severe
trojan:js/hidelink!rfn severe
trojan:js/iframe!rfn severe
trojan:js/iframeinject!rfn severe
trojan:js/nemucod!rfn severe
trojan:js/redirector!rfn severe
trojan:msil/bladabindi!rfn severe
trojan:msil/blinerarch!rfn severe
trojan:msil/blinerarch.ay severe
trojan:msil/boilod!rfn severe
trojan:msil/bokytuda.b!bit severe
trojan:msil/imminent.a!mtb severe
trojan:msil/imminent.b severe
trojan:msil/medvev severe
trojan:msil/omaneat!rfn severe
trojan:msil/redlonam.a severe
trojan:msil/starter.f severe
trojan:msil/watam!rfn severe
trojan:msil/wirzemro.b severe
trojan:vbs/cyoncneq.a severe
trojan:win32/adload!rfn severe
trojan:win32/agenttesla!rfn severe
trojan:win32/asacky!rfn severe
trojan:win32/asacky.a!bit severe
trojan:win32/ausiv!rfn severe
trojan:win32/autcobit!rfn severe
trojan:win32/autorun!rfn severe
trojan:win32/avkill!rfn severe
trojan:win32/avkill.e severe
trojan:win32/bancteian.a severe
trojan:win32/bluteal!rfn severe
trojan:win32/casdet!rfn severe
trojan:win32/coinminer!bit severe
trojan:win32/coinminer!rfn severe
trojan:win32/cryptinject severe
trojan:win32/cryptinject!rfn severe
trojan:win32/crysteb!rfn severe
trojan:win32/cve-2017-0147!rfn severe
trojan:win32/danabot!rfn severe
trojan:win32/delfsnif severe
trojan:win32/dynamer!ac severe
trojan:win32/dynamer!rfn severe
trojan:win32/emali.a!cl severe
trojan:win32/emotet!rfn severe
trojan:win32/emotet.ac!bit severe
trojan:win32/eqtonex!rfn severe
trojan:win32/floatcl.ac!mtb severe
trojan:win32/floxif!rfn severe
trojan:win32/gandcrab!rfn severe
trojan:win32/gandcrab.af severe
trojan:win32/gatak.dr!dha severe
trojan:win32/genasep.a severe
trojan:win32/gentrodet!rfn severe
trojan:win32/goabeny!rfn severe
trojan:win32/gootkit.ac!mtb severe
trojan:win32/histboader!rfn severe
trojan:win32/histboader.a severe
trojan:win32/injeber.a!bit severe
trojan:win32/injeber.d!bit severe
trojan:win32/jaku!rfn severe
trojan:win32/kaicorn!rfn severe
trojan:win32/kilonepag.a severe
trojan:win32/kovter!rfn severe
trojan:win32/krilog.a severe
trojan:win32/kryptomix!rfn severe
trojan:win32/ldpinch!rfn severe
trojan:win32/lyposit!rfn severe
trojan:win32/meretam!rfn severe
trojan:win32/meretam.a severe
trojan:win32/meterpreter severe
trojan:win32/meterpreter.o severe
trojan:win32/multsarch.o severe
trojan:win32/nanocore.sd!mtb severe
trojan:win32/nivdort.a severe
trojan:win32/nymaim!rfn severe
trojan:win32/occamy.b severe
trojan:win32/occamy.c severe
trojan:win32/pynamer.a!ac severe
trojan:win32/pynamer.b!ac severe
trojan:win32/qqpass!rfn severe
trojan:win32/quasarrat!rfn severe
trojan:win32/ramnit!rfn severe
trojan:win32/ramnit.a severe
trojan:win32/randrew!rfn severe
trojan:win32/redosdru.f severe
trojan:win32/ronohu!rfn severe
trojan:win32/sakurel!rfn severe
trojan:win32/sakurel.b!dha severe
trojan:win32/salgorea!rfn severe
trojan:win32/salgorea.c!dha severe
trojan:win32/simbot!rfn severe
trojan:win32/sirefef!rfn severe
trojan:win32/skeeyah.a!bit severe
trojan:win32/skeeyah.a!rfn severe
trojan:win32/skeeyah.b!rfn severe
trojan:win32/sonoko.a!ms severe
trojan:win32/starter.p severe
trojan:win32/startpage high
trojan:win32/startpage!rfn severe
trojan:win32/suloc.a severe
trojan:win32/swrort.a severe
trojan:win32/tepely!rfn severe
trojan:win32/tiggre!rfn severe
trojan:win32/tinba!rfn severe
trojan:win32/tinba.f severe
trojan:win32/tiny!rfn severe
trojan:win32/tofsee!rfn severe
trojan:win32/urelas!rfn severe
trojan:win32/ursnif!rfn severe
trojan:win32/ursnif.ad!mtb severe
trojan:win32/vbclone!rfn severe
trojan:win32/vflooder!rfn severe
trojan:win32/vindor!rfn severe
trojan:win32/vools!rfn severe
trojan:win32/werpoapt.certms severe
trojan:win32/xiaoba severe
trojan:win32/xiaoba!rfn severe
trojan:win32/zonsterarch!rfn severe
trojan:win32/zonsterarch.bw severe
trojan:win64/alureon!rfn severe
trojan:win64/detrahere!rfn severe
trojan:win64/drixed!rfn severe
trojan:win64/meterpreter!rfn severe
trojan:win64/meterpreter.d severe
trojan:win64/wiliky severe
trojan:winnt/rootkitdrv!rfn severe
trojan:winnt/sality severe
trojanclicker:js/faceliker!rfn severe
trojanclicker:win32/ellell!rfn severe
trojanclicker:win32/lnkwinkap!rfn severe
trojanclicker:win32/lnkwinkap.a severe
trojandownloader:html/adodb!rfn severe
trojandownloader:html/adodb.gen!a severe
trojandownloader:java/banload!rfn severe
trojandownloader:js/dahrabco!rfn severe
trojandownloader:js/fakejquery!rfn severe
trojandownloader:js/nemucod!rfn severe
trojandownloader:o97m/bartallex!rfn severe
trojandownloader:o97m/donoff severe
trojandownloader:o97m/donoff!rfn severe
trojandownloader:o97m/dornoe.a!ams severe
trojandownloader:o97m/dornoe.b!ams severe
trojandownloader:o97m/dornoe.i!ams severe
trojandownloader:o97m/obfuse!rfn severe
trojandownloader:o97m/obfuse.dz severe
trojandownloader:script/nemucod.jac severe
trojandownloader:swf/esaprof!rfn severe
trojandownloader:swf/esaprof.a severe
trojandownloader:win32/adload!rfn high
trojandownloader:win32/bagle!rfn severe
trojandownloader:win32/dofoil!rfn severe
trojandownloader:win32/dofoil.ac severe
trojandownloader:win32/esendi!rfn severe
trojandownloader:win32/kanav!rfn severe
trojandownloader:win32/kolilks!rfn severe
trojandownloader:win32/matcash!rfn severe
trojandownloader:win32/nymaim!rfn severe
trojandownloader:win32/perkesh!rfn severe
trojandownloader:win32/sinresby.b severe
trojandownloader:win32/tinub!rfn severe
trojandownloader:win32/umbald.a severe
trojandownloader:win32/unruy!rfn severe
trojandownloader:win32/upatre severe
trojandownloader:win32/upatre!rfn severe
trojandownloader:win32/upatre.aa severe
trojandownloader:win32/upatre.bn severe
trojandownloader:win32/zbot!rfn severe
trojandownloader:win32/zegost.d severe
trojandropper:win32/blathla!rfn severe
trojandropper:win32/dinwod!rfn severe
trojandropper:win32/gepys severe
trojandropper:win32/gepys!rfn severe
trojandropper:win32/gepys.a severe
trojandropper:win32/lamechi!rfn severe
trojandropper:win32/randrew.a!bit severe
trojandropper:win32/rubat!rfn severe
trojandropper:win32/systex!rfn severe
trojanproxy:win32/bunitu!rfn severe
trojanproxy:win32/bunitu.q!bit severe
trojanspy:androidos/geimini!rfn severe
trojanspy:msil/golroted!rfn severe
trojanspy:msil/golroted.a severe
trojanspy:msil/golroted.b severe
trojanspy:msil/keylog.b severe
trojanspy:msil/omaneat!rfn severe
trojanspy:msil/omaneat.b severe
trojanspy:win32/banker!rfn severe
trojanspy:win32/icedid!rfn severe
trojanspy:win32/nivdort severe
trojanspy:win32/nivdort!rfn severe
trojanspy:win32/nivdort.cc severe
trojanspy:win32/plimrost.b severe
trojanspy:win32/rebhip!rfn severe
trojanspy:win32/socstealer!rfn severe
trojanspy:win32/swotter!rfn severe
trojanspy:win32/tefosteal!rfn severe
trojanspy:win32/ursnif!rfn severe
virtool:inf/autorun severe
virtool:msil/injector.ew severe
virtool:msil/subti!rfn severe
virtool:msil/subti.c severe
virtool:msil/subti.g severe
virtool:win32/bzub!rfn severe
virtool:win32/ceeinject.gf severe
virtool:win32/cryptinject!rfn severe
virtool:win32/delfinject severe
virtool:win32/injector.ci severe
virtool:win32/krilog!rfn severe
virtool:win32/satan!rfn severe
virtool:win32/stekct!rfn severe
virtool:win32/tinba!rfn severe
virtool:win32/vbinder!rfn severe
virtool:win32/vbinject severe
virtool:win32/vbinject.aen severe
virtool:win32/vbinject.qv severe
virtool:win32/waledac!rfn severe
virtool:win64/atosev.a severe
virtool:winnt/rootkitdrv.hk severe
virus:win32/vigorf.a severe
worm:vbs/jenxcus.cb severe
worm:vbs/jenxcus.e!ams severe
worm:vbs/jenxcus.k severe
worm:win32/ainslot!rfn severe
worm:win32/ainslot.a severe
worm:win32/ainslot.h severe
worm:win32/ambler.a severe
worm:win32/autorun!rfn severe
worm:win32/babonock!rfn severe
worm:win32/bloored!rfn severe
worm:win32/cambot!rfn severe
worm:win32/cambot.b severe
worm:win32/citeary.e severe
worm:win32/dorkbot!rfn severe
worm:win32/dumpy!rfn severe
worm:win32/esfury!rfn severe
worm:win32/gamarue severe
worm:win32/gamarue!rfn severe
worm:win32/gamarue.ar severe
worm:win32/gamarue.i severe
worm:win32/jenxcus.a severe
worm:win32/ludbaruma!rfn severe
worm:win32/macoute!rfn severe
worm:win32/moarider!rfn severe
worm:win32/mofksys severe
worm:win32/mofksys!rfn severe
worm:win32/mydoom!rfn severe
worm:win32/nuqel.ta severe
worm:win32/phorpiex.b severe
worm:win32/rahiwi!rfn severe
worm:win32/rebhip severe
worm:win32/rebhip.a severe
worm:win32/sfone!rfn severe
worm:win32/silly_p2p.g severe
worm:win32/sillyfdc!rfn severe
worm:win32/slenping severe
worm:win32/sperolz!rfn severe
worm:win32/tophos!rfn severe
worm:win32/vobfus severe
worm:win32/wenper!rfn severe