Microsoft disables one of its own software tools following multiple malware attacks

Microsoft has disabled the ms-appinstaller protocol handler as default after it found new evidence of hackers using it to deploy malware. 

“The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution,” Microsoft said in a new security advisory.