• Total Posts: 28011
  • Total Topics: 8048
  • Online Today: 715
  • Online Ever: 51419
  • (01. January 2010., 09:27:49)

Author Topic: Sophos Warns: Fake Patch Tuesday from Microsoft  (Read 1052 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7151
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum
Sophos Warns: Fake Patch Tuesday from Microsoft
« on: 05. January 2011., 06:56:17 »

It's Tuesday, time for more security patches from Microsoft right? Not quite. It seems the malware crowd is exploiting Microsoft's routine of releasing fixes on Tuesdays and sending out fake security emails bent on infecting their targets with a worm.

Windows users familiar with Microsoft's modus operandi will sniff out this scam immediately, though, and not only because of the cracked English in the message. The missive contains the security update in an attachment. Microsoft never sends security updates in attachments.

"Please notice that Microsoft company [sic] has recently issued a Security Update for OS Microsoft Windows," the fake notice reads in typical fractured prose.

It then goes on to give instructions for installing the fake security file, KB453396-ENU.exe. "If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine," it explained

In the signature block of the message is the name of Microsoft Director of Security Assurance Steve Lipner. Lipner's name has been used on bogus security updates before, including attacks in 2008: and 2009:

Graham Cluley, who wrote about the fake security notice for Sophos's Naked Security blog: , noticed another bonehead error in the message. "With so much effort being taken by the cybercriminals to hoodwink unsuspecting computer users, though, you would have thought they would have not made an elementary mistake in their forged email header," he penned. "The messages we've seen claim to come from"

Yes, Microsoft's domain name is misspelled.


Samker's Computer Forum -

Sophos Warns: Fake Patch Tuesday from Microsoft
« on: 05. January 2011., 06:56:17 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising