zdnet[.]com/article/bazarloader-now-abuses-windows-10-apps-feature-in-call-me-back-attack/
According to Sophos Labs, the new technique uses a link in an email that takes would-be victims to a web site with a link to view a PDF file. Clicking that causes the browser to load the Windows Store's AppInstaller.exe. The examples that Sophos has seen are more a threat to businesses than individual home users, but they feel the technique will soon be copied by other cybercriminals. Hopefully the companies making and selling security software will update their protections, rather than just assuming that since that installer is a legit Windows app, just let it go. But that will take time, so be careful.