Fake Microsoft Patch Triggers Virus Attack

Like day follows night, a bogus "cumulative update" with a malicious attachment has followed Microsoft"s patch day.

In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft"s patching cycle to trick users into executing a malicious attachment.

The latest social engineering trick arrives via e-mail with an attachment that purports to be a "cumulative patch" for May 2005.

The claim is that the executable file contains patches for vulnerabilities in Internet Explorer, Microsoft Outlook and Outlook Express, three widely used products with a history of serious security bugs.

The file is actually an executable for a variant of W32.Pinfi, a memory-resident polymorphic virus capable of replicated via mapped drives and network shares.

News source: eWeek

Report a problem with article
Next Article

Dell wants $40 for upgrade to 64bit Windows XP

Previous Article

Microsoft Consumer Timeline (A General Misconception?)