by Researchers discovered an earlier exposed Windows vulnerability that allowed malicious JavaScript files to bypass Windows’ MotW mechanism, which protects against malicious files on web pages, before Microsoft released a patch. The operation of the ransomware Magniber was discovered last month by HP Threat Research staff. Attackers trick users into downloading a zip file containing a JavaScript file for antivirus or Windows Update. Magniber has been disguised as MSI and EXE files before, and this is the first time it uses JavaScript files.
