• Total Posts: 28035
  • Total Topics: 8051
  • Online Today: 772
  • Online Ever: 51419
  • (01. January 2010., 09:27:49)

Author Topic: 'Experimental' security fix is malware, Microsoft says  (Read 1334 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7151
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum
'Experimental' security fix is malware, Microsoft says
« on: 14. October 2008., 07:25:40 »

Scammers are sending out phoney e-mails that claim to include critical Windows security alerts, Microsoft warned Monday.

The fake alerts describe themselves as part of a new "experimental private version of an update for all Microsoft Windows OS users," Microsoft said in a note on the scam, posted Monday.

The e-mails then instruct the victim to download an attachment, which is actually a malicious Trojan Horse program known as Win32/Haxdoor. This software records sensitive information such as passwords and credit card numbers and sends this data back to the attackers who are running the scam.

The malware well-known, however, and is detected by antivirus programs as well as Microsoft's free Microsoft Malicious Software Removal Tool (MSRT).

The warning comes the day before Microsoft is set to deliver 11 genuine security fixes. These updates, due Tuesday at around 10 a.m. Pacific include critical security updates for Windows Active Directory, Internet Explorer, Excel and the Microsoft Host Integration Server.

But they will be delivered via Microsoft's standard automated update tools. Major software vendors such as Microsoft simply do not distribute security patches via email.

"As a matter of company policy, Microsoft will never send you an executable attachment," wrote Microsoft spokesman Christopher Budd in a blog posting on the scam. "If you get an e-mail that claims to be a security notification with an attachment, delete it. It is always a spoof."

Microsoft does, however, send out security notification emails to customers who have asked to be told whenever patches are released or updated. These emails are in plain text and never contain any sort of attachment, Budd said.

Users who have doubts about any security notification email they've received can go to Microsoft's TechNet security Web site, which contains the same information as its e-mail notifications.


Samker's Computer Forum -

'Experimental' security fix is malware, Microsoft says
« on: 14. October 2008., 07:25:40 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising