Fake Microsoft Patch Triggers Virus Attack

Like day follows night, a bogus "cumulative update" with a malicious attachment has followed Microsoft's patch day.

In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment.

The latest social engineering trick arrives via e-mail with an attachment that purports to be a "cumulative patch" for May 2005.

The claim is that the executable file contains patches for vulnerabilities in Internet Explorer, Microsoft Outlook and Outlook Express, three widely used products with a history of serious security bugs.

The file is actually an executable for a variant of W32.Pinfi, a memory-resident polymorphic virus capable of replicated via mapped drives and network shares.

News source: eWeek

Report a problem with article
Previous Story

Microsoft Consumer Timeline (A General Misconception?)

Next Story

'Secure' Netscape released with vulnerabilities

0 Comments

Commenting is disabled on this article.

There are no comments