Microsoft on Thursday said its once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware distribution, the Microsoft Threat Intelligence