[Virtualacorn-list] Dodgy Patch

Chris Newman cvjazz at waitrose.com
Thu Feb 25 17:27:30 GMT 2010 

Hi folks,

I received today an email that seemed to be an attempt to put malware on my
machine.   
It waas titled  "Newest Critical Upgrade". It purported to come from
Microsoft but the senders address looked pretty dodgy:-

Microsoft Network Security Section <bldgslbiisr-chkpkai at technet_microsoft.com>
It came in to Pluto on my RiscPC so appeared as plain text with attachments
but looks to have originally been HTML.

The main substance of it ran thus:-

this is the latest version of security update, the
"February 2010, Cumulative Patch" update which fixes
all known security vulnerabilities affecting
MS Internet Explorer, MS Outlook and MS Outlook Express
as well as three newly discovered vulnerabilities.
Install now to maintain the security of your computer
from these vulnerabilities, the most serious of which could
allow an attacker to run executable on your system.
This update includes the functionality of all previously released patches.

System requirements: Windows 95/98/Me/2000/NT/XP
This update applies to:
 - MS Internet Explorer, version 4.01 and later
 - MS Outlook, version 8.00 and later
 - MS Outlook Express, version 4.01 and later

Recommendation: Customers should install the patch at the earliest opportun=
ity.
How to install: Run attached file. Choose Yes on displayed dialog box.
How to use: You don't need to do anything after installing this item.
                       ---------------------------
Notice the dodgy grammer of the word "executable".
I am pretty sure Microsoft never use emails to send updates. You either set
your machine to download them automatically or visit the Microsoft update
website. I suspect the patch to be extremely dodgy & may well come from those
who infiltrated Internet Explorer in the first place.

Am I right in my wariness? Thought I'd forwarn others who use VA on a Windows
m/c who might get this.

If this broken the Mail List etiquette, I apologise, but I had never seen
anything before which looked so superficially authentic.
Has anyone else received this?

-- 
Chris Newman

More information about the Virtualacorn-list mailing list