News

E-mail Worm Masquerades as Microsoft Support Message

An antivirus vendor Thursday warned of a worm that spreads itself by masquerading as a technical support e-mail from Microsoft Corp.

Only one report of the worm had arrived at Central Command Inc., a PC antivirus software and computer security services firm.

"But [we're] monitoring this worm's activity very closely," Steven Sundermeier, product manager at Central Command, said in a statement.

Users receiving the new worm, called Win32.Invalid.A@mm, see a legitimate-looking From line: "Microsoft Support" support@microsoft.com. The subject line reads, "Invalid SSL Certificate."

The message describes a problem with an SSL certificate and advises users to install an attachment called, sslpatch.exe.

The result is a destructive payload that can break executable files by encrypting them with a random encryption key. It is a mass-mailing worm.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Defender ATP Gets macOS Investigation Support

    The endpoint and detection response (EDR) feature in Microsoft Defender Advanced Threat Protection (ATP) has reached the "general availability" stage for macOS devices.

  • How To Block Self-Service Purchasing in Microsoft's Power Platform

    Microsoft threw Office 365 admins a bone when it gave them the ability to block users from purchasing Power Platform tools without IT approval. Here's how to prevent total anarchy.

  • Azure DevOps Services Losing Support for Alternate Credentials

    Microsoft gave notice last week that it's going to drop Alternate Credentials support for authenticating users of its Azure DevOps Services.

  • Microsoft Endpoint Configuration Manager Update 1910 Released

    Microsoft announced last week that it is starting to deliver Update 1910 for Microsoft Endpoint Configuration Manager users.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.