News

E-mail Worm Masquerades as Microsoft Support Message

An antivirus vendor Thursday warned of a worm that spreads itself by masquerading as a technical support e-mail from Microsoft Corp.

Only one report of the worm had arrived at Central Command Inc., a PC antivirus software and computer security services firm.

"But [we're] monitoring this worm's activity very closely," Steven Sundermeier, product manager at Central Command, said in a statement.

Users receiving the new worm, called Win32.Invalid.A@mm, see a legitimate-looking From line: "Microsoft Support" support@microsoft.com. The subject line reads, "Invalid SSL Certificate."

The message describes a problem with an SSL certificate and advises users to install an attachment called, sslpatch.exe.

The result is a destructive payload that can break executable files by encrypting them with a random encryption key. It is a mass-mailing worm.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Shifting Away from Office 365 Brand Name in April

    Microsoft on Monday announced coming product naming changes, where "Office 365" is mostly getting replaced by the "Microsoft 365" brand.

  • Microsoft Grows Services Amid COVID-19

    Microsoft in a Saturday announcement recapped how its services have been affected by "shelter-in-place" governmental mandates in the last week, providing details on growth stats and prioritizations.

  • Microsoft Adds 6 More Months to Expiring Certification Programs

    Microsoft has announced an extension to the end date of three certification programs slated for retirement.

  • Microsoft's Surface Pro X: It's Like the Surface RT, But Better

    There's a lot about the Surface Pro X that's reminiscent of the ill-fated Surface RT. But despite the similarities, this might just be one of the rare cases where the sequel is better than the original.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.