View Full Version : Fake Microsoft security updates

04-08-2005, 12:59 PM
It is getting close to time for Microsoft to issue their regular monthly security update and fake updates have started circulating. Many people are falling for the fake updates.

While most of you probably wouldn't fall for this, I thought I would present you with this information just so you would be aware of it or want to tell someone you know about it who isn't very careful when it comes to things such as this.
Fake Microsoft security updates circulate

By Dawn Kawamoto

Story last modified Fri Apr 08 07:40:00 PDT 2005

An e-mail campaign designed to lure people to a bogus Microsoft Web site is making the rounds as part of an attempt to install a Trojan horse, antivirus company Sophos said Friday.

Attackers are sending out fake e-mails that claim to come from Microsoft’s Windows Update. People who click on the link are steered to a bogus Microsoft security update site, where they are urged to download fake patches.

But should unsuspecting users download the bogus patches, they will infect their computers with the Troj/DSNX-05 Trojan horse, according to Sophos. That, in turn, will let the attackers to remotely take control of the infected PC.

“Microsoft does not issue security warnings this way,” said Graham Cluley, Sophos senior technology consultant. “They don’t send updates in an HTML format, so don’t follow the links in an e-mail. If you want to see if an update is real, you need to go to the real Microsoft Web site and check there.”

People, however, may be quicker to click on the bogus Microsoft update notices, given this latest Trojan horse is making the rounds at the same time that Microsoft is poised to issue its regular monthly security update.

“Next week, Microsoft is going to release their monthly security patches. So with all the news that is out there about it, some people may be tempted to click on the (bogus) link,” Cluley said.

Microsoft has posted a notice on its site that it will issue on Tuesday some critical patches for Windows, Office, MSN Messenger and Exchange.

In the past, malicious virus writers have tried to tie bogus Microsoft security e-mails with attachments proclaiming to contain downloadable security updates. The Dumaru worm was one such example, Cluley said.


04-08-2005, 11:30 PM
Thanks for making our members and guests aware of this, larwee.

The ID thiefs sure are proving themselves a persistent bunch. What's painfully ironic about this case is that this comes just weeks after Microsoft announced that it was getting tough on phishers and commencing legal action against many of the players in the ID theft field:

Click Here!