Fake Microsoft Patch Triggers Virus Attack
Posted by Steven Parker on 20 May 2005 - 10:37 · 16 comments & 1925 views
About the Author
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Full name: Steven Parker
Forum name: Neobond
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(2 replies)
#1 Posted by Liaqat_ali on 20 May 2005 - 10:44
- What is it that they want .
-
(3 replies)
#2 Posted by Dayon on 20 May 2005 - 11:07
- Ugh, the question is: Why do the people on neowin care? Don't we know enough about computers to not open any email attachments EVER?
-
#2.1 Posted by Krudomanic on 20 May 2005 - 14:50
- Unfortunately people do not learn... and anybody who opens and email from Microsoft stating this is a patch knowing darn well the only updates you get from Microsoft is via automatic update or you personally going to the website and downloading the latest updates yourself...
So anybody who opens an email from Microsoft deserves to have a virus on his or her machine... I know it sounds a little harsh bit tuff...
QUOTE Then again you get security emails via MS so you should not open any of them while this is ongoing... So what I said above is not actually true but have a point... -
#2.2 Posted by Denver_80203 on 20 May 2005 - 18:28
- Some of us have parents. good to be fore-warned.
-
#2.3 Posted by SquareSoft0 on 20 May 2005 - 22:54
- This "mightier than thou" crap gets old, there are plenty of retards on Neowin.
-
(2 replies)
#3 Posted by Ficman on 20 May 2005 - 11:12
- When will they learn...
-
#3.1 Posted by DJROrion on 20 May 2005 - 12:01
- They will learn when this kind of stuff stops working. Most People already know that Microsoft will never send an update in an email.
-
#3.2 Posted by Treefrog on 20 May 2005 - 22:14
QUOTE They will learn when this kind of stuff stops working. Most People already know that Microsoft will never send an update in an email.
"Most People"? I don't think so. "Most People" don't have the first clue, actually, or at least most (and by most I mean the vast majority, like 98%) of the people I've run tech support for.
-
(1 reply)
#4 Posted by Phoenix56 on 20 May 2005 - 12:19
- If you have not signed up for any security communications from Microsoft and you receive an unexpected message about a security update, you should treat the message with great caution. When in doubt, delete the message and immediately check the Microsoft.com home page for the same information.
-
#5 Posted by Cyranthus on 20 May 2005 - 14:01
- if its not on the windows update page... dont download it. DUH!
-
(1 reply)
#6 Posted by TheSarge on 20 May 2005 - 16:58
- People are ignorant for the most part. They just don't know how Microsfot operates regarding updates. Heck, I know a few users who known squat about how to use Windows, but they know enough to access their hotmail acount. There's an old saying about people who know just enough to be dangerous, you know?
If you're an IT profesional and you were fooled by this.. shame on you. You should know better by now.
-
#7 Posted by C-Fu on 20 May 2005 - 16:58
- this is exactly the reason why I told my non-IT literate friends not to trust emails from MS. When they ask why, I just say "because MS is stupid"
even though MS has started sending emails about updates by subscription, which is a very, VERY bad move IMO. If it does the job, hell I couldn't care less if it's wrong or not
In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment.
The latest social engineering trick arrives via e-mail with an attachment that purports to be a "cumulative patch" for May 2005.
The claim is that the executable file contains patches for vulnerabilities in Internet Explorer, Microsoft Outlook and Outlook Express, three widely used products with a history of serious security bugs.
The file is actually an executable for a variant of W32.Pinfi, a memory-resident polymorphic virus capable of replicated via mapped drives and network shares.
Changelog:
- New: DRM WMA Playback supports out_wave
* 5.09-specific bugs- New: Non-DRM WMA Playback allows any output plugin
- New: Community Picks AVS Preset Pack
- New: Windows Media Audio Ripping/Encoding
- New: Deletes in the Media Library now move files to the Recycle Bin
- New: NSV Subtitles can be disabled on the fly
- Fixed: gen_ml shutdown bug
- Fixed: Easy Move of video window back to normal *
- Fixed: Pause in WMA playback memory leak
- Fixed: Multi-monitor full screen video *
- Fixed: Drag and Drop in playlist editor *
- Fixed: Drag and Drop on Winamp *
- Fixed: Now Playing update on song change *
- Fixed: Media Library/Windows Media scanning errors *
- Fixed: Stay in fullscreen/Config mismatch *
- Fixed: Ctrl-B Crash *
- Fixed: Authentication for OGG/Vorbis streams
- Fixed: Drag and Drop strange behavior in open file dialogs
- Fixed: Stuttering WMA On Start and Seek
- Fixed: NSV Video stall during buffering
- Fixed: Autosize of video to be accurate to the Video size not snap size
- Fixed: Short NSV Clips audio cutout
- Update: Online Media tree is now dynamic (Checking can now be disabled)
- Update: Sonic Install/Config flag mismatch
- Update: CD Ripping/Burning Library (possible cause of msvcrt.dll errors)
- Other general small tweaks/bugfixes ;-)