This article provides an updated analysis of Windows URL protocol handlers, specifically focusing on new additions found in Windows 11 25H2. Building upon research from 2018 and 2022, the author identifies several new URI schemes that have been introduced into the operating system environment.
The list of new protocols includes system components and applications such as ms-recall, ms-outlook, ms-devhome, and ms-clipchamp. For security analysts, monitoring these protocol handlers is essential for identifying potential attack vectors related to application execution, persistence, or bypass techniques within the Windows ecosystem.
Top comments (0)