Change logs for security intelligence update version 1.441.759.0

We couldn’t find the update version you requested. Showing the latest version instead.

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know us know through the feedback smiley.

Looking for the latest update? Download the latest update

Security intelligence update version

Released on

12/6/2025 5:54:22 AM

Added threat detections

Name	Severity
Behavior:Linux/SuspNodeActivity.A	severe
Behavior:Linux/SuspNodeActivity.B	severe
Behavior:Linux/SuspNodeActivity.C	severe
Ransom:Win64/Sikari.YAC!MTB	severe
Trojan:JS/GlassWorm.I!MTB	severe
Trojan:JS/Remcos!AMTB	severe
Trojan:MacOS/Rusdinjs.A	severe
Trojan:MSIL/NanoCore!AMTB	severe
Trojan:PDF/Phish.AC!atmn	severe
Trojan:Win64/Rusdinjs.A	severe
TrojanDownloader:JS/NetSupportRat.DG!MTB	severe

Updated threat detections

Name	Severity
Adware:Win32/Agent	high
Adware:Win32/Kuaiba	high
Adware:Win32/Tnega	high
Backdoor:MacOS/Mettle	severe
Backdoor:MSIL/AsyncRat!rfn	severe
Backdoor:MSIL/Bladabindi!rfn	severe
Backdoor:PHP/Dirtelti.OD	severe
Backdoor:Win32/Androm.BQ!MTB	severe
Backdoor:Win32/Berbew.AA!MTB	severe
Backdoor:Win32/Floxif!rfn	severe
Backdoor:Win32/Padodor.SK!MTB	severe
Backdoor:Win32/Rescoms!rfn	severe
Backdoor:Win32/Simda.CCJE!MTB	severe
Backdoor:Win64/Nukesped	severe
Backdoor:Win64/Supper!rfn	severe
Backdoor:Win64/Vankul!rfn	severe
Behavior:Win32/CallbackDnsHook.A	severe
Behavior:Win32/CallbackDnsHook.A!nri	severe
Behavior:Win32/CallbackWebHook.A	severe
Behavior:Win32/CallbackWebHook.A!nri	severe
BrowserModifier:Win32/Qiwmonk	high
BrowserModifier:Win32/Shafmia	high
DoS:Win32/FoxBlade!rfn	severe
Exploit:JS/IframeBOShell	severe
Exploit:JS/ShellCode.gen	severe
Exploit:Perl/Bazooka.A	severe
Exploit:PHP/injector	severe
Exploit:Ruby/JSShell.G!MSR	severe
Exploit:Win32/ShellCode.A	severe
HackTool:Linux/PthToolkitGen.ZZ	high
HackTool:MSIL/Winactivator	high
HackTool:PowerShell/Powersploit	high
HackTool:PowerShell/PowerView	high
HackTool:Python/Impacket!MSR	high
HackTool:Win32/Activator	high
HackTool:Win32/Activator!MTB	high
HackTool:Win32/AutoKMS.D	high
HackTool:Win32/Chisel!rfn	high
HackTool:Win32/crack	high
HackTool:Win32/Crack!MTB	high
HackTool:Win32/Keygen	high
HackTool:Win32/Keygen!MTB	high
HackTool:Win32/Keygen!rfn	high
HackTool:Win32/Loader!MTB	high
HackTool:Win32/Malgent!MSR	high
HackTool:Win32/Mimikatz!rfn	high
HackTool:Win32/Offact	high
HackTool:Win32/Patcher	high
HackTool:Win32/Patcher!AMTB	high
HackTool:Win32/Patcher!MTB	high
HackTool:Win32/RemoteAdmin	high
HackTool:Win32/Wpakill.AR!MTB	high
HackTool:Win64/AutoKms	high
Misleading:Win32/Lodi	high
PWS:MSIL/AdamantiumTheif!rfn	severe
PWS:MSIL/Browsstl!rfn	severe
PWS:Win32/Fareit!rfn	severe
Ransom:Linux/BlackCat!rfn	severe
Ransom:PowerShell/Roduk	severe
Ransom:Win32/Basta!rfn	severe
Ransom:Win32/BlackCat!rfn	severe
Ransom:Win32/Clop!rfn	severe
Ransom:Win32/ContiCrypt!rfn	severe
Ransom:Win32/Phobos!rfn	severe
Ransom:Win64/Basta!rfn	severe
Ransom:Win64/Bloody!rfn	severe
Ransom:Win64/Filecoder!rfn	severe
Ransom:Win64/Ransomhub!rfn	severe
Trojan:AndroidOS/AVerseFalc!rfn	severe
Trojan:BAT/Disabler.AME!MTB	severe
Trojan:BAT/Qakbot!rfn	severe
Trojan:BAT/XWorm!AMTB	severe
Trojan:HTML/Nioc!rfn	severe
Trojan:HTML/Pterodo!rfn	severe
Trojan:HTML/Qakbot!rfn	severe
Trojan:HTML/SpamLeonem!rfn	severe
Trojan:JS/QakbotLNK!rfn	severe
Trojan:Linux/Multiverze	severe
Trojan:Linux/Samblad.A!MTB	severe
Trojan:MSIL/Bartblaze.MCP!MTB	severe
Trojan:MSIL/Bladabindi!AMTB	severe
Trojan:MSIL/CoinMiner!rfn	severe
Trojan:MSIL/Fbtaken!rfn	severe
Trojan:MSIL/Jalapeno!rfn	severe
Trojan:MSIL/Lazy!rfn	severe
Trojan:MSIL/Polazert!rfn	severe
Trojan:MSIL/Razy.PGRZ!MTB	severe
Trojan:MSIL/RRat.PGRR!MTB	severe
Trojan:MSIL/Tnega!rfn	severe
Trojan:MSIL/Umbral!rfn	severe
Trojan:O97M/DDownloader!rfn	severe
Trojan:O97M/Phish.SA!MSR	severe
Trojan:PowerShell/Agent.AKD	severe
Trojan:PowerShell/QakBot!rfn	severe
Trojan:Script/Multiverze!rfn	severe
Trojan:Script/Phish!MSR	severe
Trojan:VBS/Emotet!rfn	severe
Trojan:VBS/Qakbot!rfn	severe
Trojan:Win32/Alevaul!rfn	severe
Trojan:Win32/Androm.KK!MTB	severe
Trojan:Win32/AutoitInject.KAB!MTB	severe
Trojan:Win32/Bitis!rfn	severe
Trojan:Win32/Bitrep.B	severe
Trojan:Win32/Blihan.MA!MTB	severe
Trojan:Win32/Bluteal!rfn	severe
Trojan:Win32/Casdet!rfn	severe
Trojan:Win32/Ceevee	severe
Trojan:Win32/Convagent.BAB!MTB	severe
Trojan:Win32/Copak.KAV!MTB	severe
Trojan:Win32/Copak.PGCO!MTB	severe
Trojan:Win32/Copak.PGCP!MTB	severe
Trojan:Win32/Coroxy!rfn	severe
Trojan:Win32/CryInfector.MBFH!MTB	severe
Trojan:Win32/CryptInject!MSR	severe
Trojan:Win32/DarkComet.MBXX!MTB	severe
Trojan:Win32/Daws.EC!MTB	severe
Trojan:Win32/DCRat.MX!MTB	severe
Trojan:Win32/DllInject	severe
Trojan:Win32/DSSDetection	severe
Trojan:Win32/DuckTailLNK.DF!MTB	severe
Trojan:Win32/Dynamer!ac	severe
Trojan:Win32/Dynamer!rfn	severe
Trojan:Win32/Egairtigado!rfn	severe
Trojan:Win32/Emotet!rfn	severe
Trojan:Win32/Esulat	severe
Trojan:Win32/Etset!rfn	severe
Trojan:Win32/FakeAV.EA!MTB	severe
Trojan:Win32/Fareit.VB!MTB	severe
Trojan:Win32/Farfli!rfn	severe
Trojan:Win32/Fauppod!rfn	severe
Trojan:Win32/Flystudio!MTB	severe
Trojan:Win32/FormBook!rfn	severe
Trojan:Win32/Fragtor.GKN!MTB	severe
Trojan:Win32/Gamaredon.psyO!MTB	severe
Trojan:Win32/Hive!MTB	severe
Trojan:Win32/Hive!rfn	severe
Trojan:Win32/Injector!MSR	severe
Trojan:Win32/Injector.YTRE!MTB	severe
Trojan:Win32/Kepavll!rfn	severe
Trojan:Win32/KillWin.ARAZ!MTB	severe
Trojan:Win32/Lauri.ALI!MTB	severe
Trojan:Win32/Lazy.AHE!MTB	severe
Trojan:Win32/Leonem!rfn	severe
Trojan:Win32/Malgent	severe
Trojan:Win32/Malgent!AMTB	severe
Trojan:Win32/Malgent!MSR	severe
Trojan:Win32/Malgent!MTB	severe
Trojan:Win32/Mamson.A!ac	severe
Trojan:Win32/Martey!rfn	severe
Trojan:Win32/MereTam!rfn	severe
Trojan:Win32/Meterpreter!rfn	severe
Trojan:Win32/Midie.LMC!MTB	severe
Trojan:Win32/Neoreblamy.NRD!MTB	severe
Trojan:Win32/Occamy.CA9	severe
Trojan:Win32/Occamy.CE3	severe
Trojan:Win32/PhishLeonem!rfn	severe
Trojan:Win32/PlugX!rfn	severe
Trojan:Win32/PlugX.psyP!MTB	severe
Trojan:Win32/Pomal!rfn	severe
Trojan:Win32/Qakbot!rfn	severe
Trojan:Win32/Qbot!rfn	severe
Trojan:Win32/Ragzil.B	severe
Trojan:Win32/Remcos!rfn	severe
Trojan:Win32/Runner.HB!MTB	severe
Trojan:Win32/SalatStealer.NE!MTB	severe
Trojan:Win32/SalatStealer.NRR!MTB	severe
Trojan:Win32/Salgorea.C!MTB	severe
Trojan:Win32/Seheq!rfn	severe
Trojan:Win32/Sehyioa.A!cl	severe
Trojan:Win32/ShellcodeRunner.LMC!MTB	severe
Trojan:Win32/Simda.ASI!MTB	severe
Trojan:Win32/Skeeyah	severe
Trojan:Win32/Skeeyah.A!rfn	severe
Trojan:Win32/Skeeyah.B!rfn	severe
Trojan:Win32/SmokeLoader.FT!MTB	severe
Trojan:Win32/Sonoko.A!rfn	severe
Trojan:Win32/Staser.ARA!MTB	severe
Trojan:Win32/Suschil!rfn	severe
Trojan:Win32/Swrort!rfn	severe
Trojan:Win32/Tedy!MTB	severe
Trojan:Win32/Tiggre!rfn	severe
Trojan:Win32/Tiny.AB!MTB	severe
Trojan:Win32/Tnega!MSR	severe
Trojan:Win32/Tnega!rfn	severe
Trojan:Win32/Ursnif.KSV!MTB	severe
Trojan:Win32/VBClone.GTT!MTB	severe
Trojan:Win32/Vidar!rfn	severe
Trojan:Win32/Vilsel.A!MTB	severe
Trojan:Win32/Vindor.AHB!MTB	severe
Trojan:Win32/Vundo.AHC!MTB	severe
Trojan:Win32/Wacatac	severe
Trojan:Win32/Wacatac.A!rfn	severe
Trojan:Win32/Yomal!rfn	severe
Trojan:Win32/Zbot.EN!MTB	severe
Trojan:Win32/Zbot.HBAI!MTB	severe
Trojan:Win32/Zbot.SPY!MTB	severe
Trojan:Win32/Zusy.AHB!MTB	severe
Trojan:Win32/Zusy.BL!MTB	severe
Trojan:Win32/Zusy.DV!MTB	severe
Trojan:Win32/Zusy.EM!MTB	severe
Trojan:Win32/Zusy.KK!MTB	severe
Trojan:Win32/Zusy.LMV!MTB	severe
Trojan:Win32/Zusy.MRA!MTB	severe
Trojan:Win64/BrutRatel!rfn	severe
Trojan:Win64/BumbleBee!rfn	severe
Trojan:Win64/Cerbu.AHD!MTB	severe
Trojan:Win64/ClipBanker.KK!MTB	severe
Trojan:Win64/Cobaltstrike!rfn	severe
Trojan:Win64/CoinMiner!MTB	severe
Trojan:Win64/CryptInject!rfn	severe
Trojan:Win64/DisguisedXMRigMiner!rfn	severe
Trojan:Win64/DllInject!rfn	severe
Trojan:Win64/Donut!rfn	severe
Trojan:Win64/Emotet!rfn	severe
Trojan:Win64/Emotetcrypt!rfn	severe
Trojan:Win64/EmotetPacker!rfn	severe
Trojan:Win64/IcedID!rfn	severe
Trojan:Win64/Malgent!MSR	severe
Trojan:Win64/Meterpreter!rfn	severe
Trojan:Win64/Mikey.MMT!MTB	severe
Trojan:Win64/Oyster!rfn	severe
Trojan:Win64/Qakbot!rfn	severe
Trojan:Win64/ReflectiveLoader	severe
Trojan:Win64/Rhadamanthys.KK!MTB	severe
Trojan:Win64/Rhadamanthys.NRF!MTB	severe
Trojan:Win64/ShellCodeLoader.NQA!MTB	severe
Trojan:Win64/ShellcodeRunner!rfn	severe
Trojan:Win64/StealC!rfn	severe
Trojan:Win64/Stealer.MIK!MTB	severe
Trojan:Win64/Tedy.ATY!MTB	severe
Trojan:Win64/Tedy.PGT!MTB	severe
Trojan:Win64/Tedy.ZJJ!MTB	severe
Trojan:Win64/Tedy.ZTM!MTB	severe
Trojan:Win64/Tnega!rfn	severe
Trojan:Win64/XWorm.ZAP!MTB	severe
Trojan:Win64/Xworm.ZBO!MTB	severe
TrojanDownloader:BAT/QakBotLoader!rfn	severe
TrojanDownloader:HTML/Adodb.gen!A	severe
TrojanDownloader:HTML/Adodb.gen!rfn	severe
TrojanDownloader:JS/Qakbot!rfn	severe
TrojanDownloader:O97M/Donoff.CD	severe
TrojanDownloader:O97M/Dornoe.A!rfn	severe
TrojanDownloader:O97M/Dridex.ARJ!MTB	severe
TrojanDownloader:O97M/Emotet!rfn	severe
TrojanDownloader:O97M/Powdow.BKMT!MTB	severe
TrojanDownloader:Win32/Fragtor.ARAZ!MTB	severe
TrojanDownloader:Win32/Loan.BG!MTB	severe
TrojanDropper:PowerShell/Ploty!rfn	severe
TrojanDropper:Win32/Salgorea.AI!MTB	severe
TrojanSpy:Win32/Shiotob!rfn	severe
VirTool:MSIL/Aikaantivm.GG!MTB	severe
VirTool:PowerShell/Etiquee.A!MTB	severe
VirTool:Win32/Tabloid!MTB	severe
Worm:VBS/Jenxcus	severe
Worm:Win32/Crastic!rfn	severe
Worm:Win32/Rebhip!rfn	severe