News

Fake Microsoft Security Update Makes Rounds

Sophos quickly warns of fake Trojan-laden e-mail disguised as Microsoft Security Bulletin update hitting inboxes.

A day after the Patch Tuesday release and in the same week Sophos announced a new partnership with Microsoft to educate and protect users from emerging IT security threats, the independent security firm announced something else Microsoft related -- or not.

The security and research firm on Wednesday afternoon indentified malicious Trojan horse-laden e-mails disguised as a notice for a "new Microsoft security update," which was supposed to coincide with the software giant's issuance of critical and important security bulletins as part of a monthly roll out cycle. The erroneous e-mails, which have the subject line "Security Update for OS Microsoft Windows," claim to have come from Steve Lipner at [email protected]

By timing an attack that comes in concert with Microsoft's real monthly patch batch, the hackers are attempting to seize on what might be the short attention span of IT pros on hectic weeks such as this one, when there are 11 fixes to consider. They also want to lure novices who might unwittingly just open the e-mail and the attachment thinking it's a regular Redmond note or newsletter.

The attachment is indentified as "high priority" and is written in the type of language reminiscent of e-mails from a "bank manager" who wants to hand over a vast fortune of a "deposed African dictator or overthrown government" with no strings attached. The fake Microsoft note begins as follows:

Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millennium, Microsoft Windows XP, Microsoft Windows Vista... ... .

Graham Cluley, senior technology consultant at Sophos, said in an e-mail statement that running the attached file would infect Windows users with the Mal/EncPK-CZ Trojan horse and give hackers control of the PC.

"It's laughable, but it's simple. Users should always visit the genuine Microsoft Website or use automatic updating processes to keep their systems current," he warned.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Hires Movial To Build Android OS for Microsoft Devices

    Microsoft has hired the Romanian operations of software engineering and design services company Movial to develop an Android-based operating system solution for the Microsoft Devices business segment.

  • Microsoft Ending Workflows for SharePoint 2010 Online Next Month

    Microsoft on Monday gave notice that it will be ending support this year for the "workflows" component of SharePoint 2010 Online, as well as deprecating that component for SharePoint 2013 Online.

  • Why Windows Phone Is Dead, But Not Completely Gone

    Don't call it a comeback (because that's not likely). But as Brien explains, there are three ways that today's smartphone market leaves the door open for Microsoft to bring Windows back to smartphones.

  • Feature Update Deferral Mix-Up in Windows 10 Version 2004 Further Explained

    Microsoft last week described the confusion it is attempting to avoid by removing the client graphical user interface (GUI)-based controls to defer Windows 10 feature updates, starting with version 2004.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.