January 04, 2011

Fake Microsoft security update spreading malware

A new wave of malicious emails containing a fake Microsoft Windows security update began hitting inboxes in an effort to spread malware, researchers at anti-virus firm Sophos have warned. The messages, which appear to be sent from Microsoft's security team and contain the subject line "Update your Windows," advise users to update their operating system by downloading an attached executable file, Graham Cluley, senior technology consultant at Sophos, wrote in a blog post Tuesday. The attached file, called “KB453396-ENU.zip,” is actually an AutoRun worm. Users should be advised that Microsoft never distributes security updates via email attachments, Cluley said. – AM
Related Articles
Related Topics
close

Next Article in News

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.