Microsoft Store and WinGet: Security Risks for Corporate Environments
ID: 444619f4-e780-5a64-a3f3-b45faae5c162
STIX ID: report--444619f4-e780-5a64-a3f3-b45faae5c162
Feed Name: Black Hills Infosec Blog
This report explains how Microsoft Store and WinGet enable installation of dual-use utilities and interpreters that attackers or malicious employees can leverage for remote access, credential theft, lateral movement, and covert tunneling (examples: Quick Assist, DBeaver/xp_dirtree, Sysinternals, Dev Tunnel). It highlights abuse scenarios, demonstrates attack workflows, and recommends blocking Store/WinGet and enforcing application control to prevent unauthorized installation and execution.
