More threads by David Baxter PhD

David Baxter PhD

Late Founder
Don't Update With That Update.exe

Some malware authors are still fond of using the good old techniques to spread their wares. One of these techniques is to send e-mail messages with "Security Updates", released by a well-known software vendor.

Today we received multiple reports about a message claiming to be a "Critical Security Update" from Microsoft. The message had a ZIP archive with a trojan downloader inside.

To become infected a user needs to extract the trojan's file and to run it. It should be noted that unlike Swen's message, this fake update message does not even look legitimate, so we are not going to see a lot of real infections.

Admin note: Microsoft never distributes updates this way. If you receive any email claiming to be an update from Microsoft or any other software installed on your computer, it's safe to ignore it as fake.

You may receive emails from certain software producers notifying you that updates are available. Even then, check the link in the email very carefully before clicking it.
Replying is not possible. This forum is only available as an archive.