Change logs for security intelligence update version 1.385.672.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know through the feedback smiley.

Released on

3/21/2023 2:57:01 PM

Added threat detections

Name Severity
Backdoor:MSIL/DCRat.C!MTB severe
Behavior:Linux/NetcatWebExecution.A severe
Behavior:Linux/NetcatWebExecution.B severe
Exploit:O97M/CVE-2017-11882.SZF!MTB severe
HackTool:Linux/AirCrack!MTB high
MonitoringTool:AndroidOS/TrackView!MTB severe
Trojan:HTML/Obfuse.CSM!MTB severe
Trojan:MSIL/Injuke.MBCI!MTB severe
Trojan:MSIL/Rzelt.A!MTB severe
Trojan:O97M/Downloader!MSR severe
Trojan:Win32/BlackCat!MTB severe
Trojan:Win32/DiscGrabber.A!MTB severe
Trojan:Win32/Guloader.SPQN!MTB severe
Trojan:Win32/SpyCasbaneiro!MTB severe
Trojan:Win32/XMRig.CB!MTB severe
Trojan:Win32/Zusy.BP!MTB severe
Trojan:Win64/CobaltStrike.JL!MTB severe
TrojanDownloader:JS/FakeUpdates severe
TrojanDownloader:MSIL/AsyncRAT.BV!MTB severe
TrojanDownloader:Win32/CobaltStrike.A!MTB severe

Updated threat detections

Name Severity
Adware:Win32/Neoreklami high
Backdoor:Win32/Delf.PF severe
Behavior:Linux/BruteforceTool.A severe
Behavior:Linux/ShadowFileAccess.A severe
Behavior:Linux/ShadowFileAccess.B severe
Behavior:Win32/EnumVulnRegistry.A severe
Behavior:Win32/TurlaDropperIntel.A severe
Behavior:Win32/UnquotedPathAbuse.A severe
Exploit:iPhoneOS/Vortex!MTB severe
Exploit:O97M/CVE-2017-0199!rfn severe
Exploit:O97M/CVE-2017-11882.ALY severe
Exploit:O97M/CVE-2017-11882.AMN!MTB severe
Exploit:O97M/CVE-2017-11882.RVIS severe
Exploit:O97M/CVE-2017-11882.RVR severe
Exploit:O97M/CVE-2017-11882.ST!MTB severe
FriendlyFiles low
Program:Win32/Ymacco.AA46 high
PWS:JS/Phish.SXY severe
PWS:Win32/VB.CU severe
Ransom:Win32/Filecoder.AR!MTB severe
Ransom:Win32/FileCryptor.PAC severe
Ransom:Win32/Genasom severe
Ransom:Win64/Magniber.AD!MTB severe
Trojan:AndroidOS/SAgnt!MTB severe
Trojan:BAT/Starter.G severe
Trojan:HTML/Phish!MSR severe
Trojan:HTML/Phish.PABX severe
Trojan:HTML/Phish.PACB severe
Trojan:JS/Phish.KSMI severe
Trojan:MSIL/AgentTesla.AII severe
Trojan:MSIL/AgentTesla.AMLY severe
Trojan:MSIL/AgentTesla.NR!MTB severe
Trojan:MSIL/AgentTesla.RPP!MTB severe
Trojan:MSIL/AgentTesla.SMKT severe
Trojan:MSIL/AgentTesla.SSS!MTB severe
Trojan:MSIL/AgentTesla.ST!MTB severe
Trojan:MSIL/CryptInject!MTB severe
Trojan:MSIL/Cryptor severe
Trojan:MSIL/Remcos.AOBD!MTB severe
Trojan:MSIL/RemLoader!MTB severe
Trojan:MSIL/SnakeKeylogger.PA!MTB severe
Trojan:MSIL/Tnega!MSR severe
Trojan:MSIL/Tnega.PA!MTB severe
Trojan:MSIL/XMRig!MTB severe
Trojan:O97M/Obfuse.CJ severe
Trojan:O97M/Obfuse.K severe
Trojan:O97M/SchTaskPersistenceMacro.A severe
Trojan:PDF/Phish.AME severe
Trojan:Win32/Agent.SA severe
Trojan:Win32/AutoItinject!rfn severe
Trojan:Win32/Babatex.B severe
Trojan:Win32/Bitrep.A severe
Trojan:Win32/Casdet severe
Trojan:Win32/Casdet!rfn severe
Trojan:Win32/Cryptinject!MTB severe
Trojan:Win32/DefenderFirewallTamper.B severe
Trojan:Win32/Dridex!MTB severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Formbook!MTB severe
Trojan:Win32/FormBook.AL!MTB severe
Trojan:Win32/FormBook.AM!MTB severe
Trojan:Win32/Fragtor!mclg severe
Trojan:Win32/Guloader.RPP!MTB severe
Trojan:Win32/Leivion.S severe
Trojan:Win32/Leonem severe
Trojan:Win32/Leonem.42B severe
Trojan:Win32/Malex.gen severe
Trojan:Win32/Occamy.AA severe
Trojan:Win32/Occamy.C severe
Trojan:Win32/Occamy.C12 severe
Trojan:Win32/Occamy.C21 severe
Trojan:Win32/Occamy.C75 severe
Trojan:Win32/Phonzy.C!ml severe
Trojan:Win32/Redline!MTB severe
Trojan:Win32/Seheq!rfn severe
Trojan:Win32/Skeeyah.A severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Small.DH severe
Trojan:Win32/Tiggre severe
Trojan:Win32/Tiggre!rfn severe
Trojan:Win32/Tinba severe
Trojan:Win32/Tisar.A severe
Trojan:Win32/Tisifi.RR severe
Trojan:Win32/VBInject.AM severe
Trojan:Win32/Vigorf.A severe
TrojanDownloader:JS/Obfuse.PSA severe
TrojanDownloader:MSIL/CryptInject!MSR severe
TrojanDownloader:O97M/Emotet!rfn severe
TrojanDownloader:O97M/Emotet.DD severe
TrojanDownloader:O97M/Emotet.PR!MTB severe
TrojanDownloader:O97M/Emotet.PRL severe
TrojanDownloader:O97M/Emotet.RVU severe
TrojanDownloader:O97M/Obfuse.DR severe
TrojanDownloader:O97M/Obfuse.ER severe
TrojanDownloader:O97M/Tisifi.RQ severe
TrojanDownloader:VBS/Obfuse severe
TrojanDownloader:Win32/Proflag.WE severe
TrojanDropper:HTML/Obfuse.PAL severe
TrojanDropper:HTML/Qakbot.PDN severe
TrojanDropper:O97M/Obfuse.MN severe
TrojanDropper:O97M/Obfuse.PRG severe
TrojanDropper:Win32/Leonem!rfn severe
TrojanSpy:Win32/Agent severe
VirTool:MSIL/Injector severe
VirTool:Win32/CeeInject.AJJ severe
VirTool:Win32/CeeInject.ANO severe
VirTool:Win32/Injector.EG severe
VirTool:Win32/VBInject.AER severe