'This reveals a broader security problem': Experts warn a key Microsoft legacy tool is still being abused to launch malware campaigns
Experts have raised concerns about the ongoing abuse of the Microsoft HTML Application Host (MSHTA) tool for launching malware campaigns. A recent report from Bitdefender indicates a rise in the use of this legacy utility for delivering both simple and advanced malware threats. Cybersecurity professionals are advised to restrict the use of outdated scripting tools and enhance security measures to combat this issue.
- ▪Bitdefender reports an increase in the abuse of the MSHTA utility since the beginning of 2026.
- ▪MSHTA is being used to deliver various types of malware, including infostealers and loaders.
- ▪Cybercriminals are leveraging this legitimate tool to execute malicious scripts and bypass security controls.
Opening excerpt (first ~120 words) tap to expand
Pro Security 'This reveals a broader security problem': Experts warn a key Microsoft legacy tool is still being abused to launch malware campaigns News By Sead Fadilpašić published 21 May 2026 MSHTA is being used for both simple and advanced threats When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Shutterstock) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Bitdefender reports rising abuse of the legacy MSHTA utility to deliver infostealers and loader malwareCampaigns range from simple commodity threats like LummaStealer to advanced persistence tools such as…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
