Security Bytes

Jun 27 2007   7:38AM GMT

Fake Microsoft patch bulletin circulating

Leigha Leigha Cardwell Profile: Leigha

The SANS Internet Storm Center (ISC) warns on its Web site that a fake Microsoft patch bulletin is circulating.

According to ISC handler Donald Smith, several people reported receiving an email directing them to a fake Microsoft patch.

“The email had their full names and in one case the company they worked for included in the body of the email,” Smith wrote. “So far I have seen four different URLs. We are working on getting the systems hosting the malware cleaned or shut down. We have submitted the malware itself to most of the antivirus vendors so detection should improve. But currently, it is not detected.”

Here’s an example of the text in these emails, typos included:

“You are receiving this message because you are using Genuine Microsoft Software and your e-mail address has been subscribed to the Microsoft Windows Update mailing list. A new 0-day vulnerability has appeared in the wild and was reported for the first time Monday, June 18th. The vulnerability affects machines running MICROSOFT OUTLOOK and allows an attacker to take full control of the vulnerable computer if the exploitation process is successful. Since then, more than 100,000 machines have been reported as exploited and used to promote spammy pharmacy products such as viagra and cialis. An update has been released to fix this issue and can be downloaded from the following link : http://windowsupdate.microsoft.com/outlook/upd ate-0-day/download.aspx?id=63852.

“It’s urgent to download and install the update as soon as possible in order to decrease the number of succesfull attacks that occure each day. The update is only available for Genuine Versions of Microsoft Outllok.”

Since Microsoft doesn’t send out random patches by email like this, users should treat any email billed as a Microsoft update with skepticism.

Technorati Tags: , ,

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: