This new malware is able to bypass all of Microsoft’s security warnings

Audio player loading…

Researchers have recently discovered a zero-day vulnerability that allows threat actors to run malware (opens in new tab) on target Windows endpoints (opens in new tab) without the victim devices raising any kind of alarms.

The vulnerability, which is still reportedly yet to be patched, allows threat actors to bypass Mark of the Web, a Windows feature that labels files downloaded from untrusted internet locations. 

The malware being distributed is Qbot (AKA Quakbot), an old and well-known banking trojan, but one that still poses a major threat to victims.

Running ISO files
The distribution starts …