Results 1 to 3 of 3

`Microsoft Security Update' is Trojan

  1. #1
    Good to be Back
    Join Date
    Aug 2008
    Posts
    2,987

    Exclamation `Microsoft Security Update' is Trojan

    Hackers are trying to infect innocent computer users with a malicious Trojan horse disguised as a Microsoft security update, in the hours before the software giant issues genuine critical patches as part of its monthly Patch Tuesday cycle, according to security firm Sophos.

    The emails, which have the subject line `Security Update for OS Microsoft Windows' claims to have come from Steve Lipner at securityassurance@microsoft.com.

    The email tells unsuspecting computer users that the attached file is a high-priority update and needs to be installed by users of various versions of Microsoft Windows.

    However, running the attached file infects Windows computer users with the Mal/EncPk-CZ Trojan horse, and could give hackers control over your PC. The file attached to the file is named KBxxxxxx.exe (where ‘xxxxxx’ is a randomly generated number) in order to disguise itself as a knowledgebase file.

    Sophos is intercepting the malicious emails spammed out by the hackers, which read as follows:

    Dear Microsoft Customer,

    Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.

    Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.

    Since public distribution of this Update through the official website Microsoft Corporation would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.

    As your computer is set to receive notifications when new updates are available, you have received this notice.

    In order to start the update, please follow the step-by-step instruction:
    1. Run the file that you have received along with this message.
    2. Carefully follow all the instructions you see on the screen.

    If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.

    We apologise for any inconvenience this back order may be causing you.

    Thank you,

    Steve Lipner
    Director of Security Assurance
    Microsoft Corp

    Awarness is better than Cure.....
    Collection of my useful Threads - All in One

  2. #2
    Platinum Member StarK's Avatar
    Join Date
    Mar 2008
    Posts
    1,388

    Default

    lol.. any1 who tries to install updates thru an email deserves to be infected...
    DON'T beam me up, Scotty!

  3. #3
    Bronze Member
    Join Date
    Aug 2008
    Posts
    106

    Default

    I use to click on the 'Windows Update' link on 'Control Panel' or in 'IE'.

Similar Threads

  1. Replies: 49
    Last Post: 19th January 2012, 01:23 PM
  2. Microsoft Security essentils
    By tomydelhi in forum Computer Security
    Replies: 3
    Last Post: 4th March 2011, 06:33 AM
  3. Microsoft Security Essentials
    By pshrinivasan in forum Windows
    Replies: 18
    Last Post: 10th October 2009, 07:55 PM
  4. Microsoft patches critical IE bug with emergency update
    By Rameshjeee in forum Computer Security
    Replies: 1
    Last Post: 20th December 2008, 02:19 AM
  5. Microsoft might get users to update to Internet Explorer 7 through Windows Update
    By India Broadband in forum Software News, Previews and Reviews
    Replies: 0
    Last Post: 29th July 2006, 12:55 AM