Last Updated: 2008-10-10 12:44:54 UTC
by Marcus Sachs (Version: 1)
Several readers have alerted us to a fake Microsoft email circulating with a malicious attachment. If you are blocking executables at your email servers, there should not be a problem. The email looks like this, but might vary a bit:
Subject: Security Update for OS Microsoft Windows
From: "Microsoft Official Update Center" <securityassurance@microsoft.
Dear Microsoft Customer,
Please notice that Microsoft company has recently issued a Security Update for OS
Microsoft Windows. The update applies to the following OS versions: Microsoft
Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows
XP, Microsoft Windows Vista.
Please notice, that present update applies to high-priority updates category. In
order to help protect your computer against security threats and performance
problems, we strongly recommend you to install this update.
Since public distribution of this Update through the official website
http://www.microsoft.com would have result in efficient creation of a malicious
software, we made a decision to issue an experimental private version of an update
for all Microsoft Windows OS users.
As your computer is set to receive notifications when new updates are available, you
have received this notice.
In order to start the update, please follow the step-by-step instruction:
1. Run the file, that you have received along with this message.
2. Carefully follow all the instructions you see on the screen.
If nothing changes after you have run the file, probably in the settings of your OS
you have an indication to run all the updates at a background routine. In that case,
at this point the upgrade of your OS will be finished.
We apologize for any inconvenience this back order may be causing you.
Director of Security Assurance
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
-----END PGP SIGNATURE-----
Director, SANS Internet Storm Center