Vista - Microsoft investigating fake WinLogon patch

Microsoft is investigating an e-mail that appears to be a security warning
from the software heavyweight which patches a vulnerability in the "WinLogon
Service".

The e-mail has a spoofed "from" field so it looks like it has been sent from
patch@microsoft.com, in reality it is most likely being mass spammed from an
army of bots -- PCs that have been compromised and are under the control of
a cybercriminal group.

A Microsoft spokesperson told ZDNet Australia on Monday morning that the
vulnerability does not exist and users should ignore the e-mail.

"Microsoft advises users to ignore an e-mail currently circulating which
claims to provide a patch to a 'vulnerability in the WinLogon service' and
implies it has been sent by Microsoft.

"This e-mail is not from Microsoft Corporation and the claimed vulnerability
and patch do not exist . Microsoft is currently investigating this
fraudulent e-mail," the spokesperson said.

If users have already been duped into clicking on the link, the spokesperson
advised users to "immediately scan their computer using antivirus and
antispyware tools".

Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft
security bulletin and managed to infected millions of unpatched PCs.

The success of this led to numerous copycat messages but none have so far
managed to replicate Swen's success.

Source
http://www.zdnet.com.au/news/softwar...0.htm?feed=rss
--
Jason

http://www.orderpcs4free.com/?r=878

Thanks Jason - I still get those fake patches through me email - their so
fake it's unbelievable. They go straight to my spam server )

--
Zack Whittaker
» ZackNET Enterprises: www.zacknet.co.uk
» MSBlog on ResDev: www.msblog.org
» Vista Knowledge Base: www.vistabase.co.uk
» This mailing is provided "as is" with no warranties, and confers no
rights. All opinions expressed are those of myself unless stated so, and not
of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared
that up!

--: Original message follows :--
"Jason" <dsljay@hotmail.com> wrote in message
news:%23YigoD3gGHA.1244@TK2MSFTNGP04.phx.gbl...
> Microsoft is investigating an e-mail that appears to be a security warning
> from the software heavyweight which patches a vulnerability in the
> "WinLogon Service".
>
> The e-mail has a spoofed "from" field so it looks like it has been sent
> from patch@microsoft.com, in reality it is most likely being mass spammed
> from an army of bots -- PCs that have been compromised and are under the
> control of a cybercriminal group.
>
> A Microsoft spokesperson told ZDNet Australia on Monday morning that the
> vulnerability does not exist and users should ignore the e-mail.
>
> "Microsoft advises users to ignore an e-mail currently circulating which
> claims to provide a patch to a 'vulnerability in the WinLogon service' and
> implies it has been sent by Microsoft.
>
> "This e-mail is not from Microsoft Corporation and the claimed
> vulnerability and patch do not exist . Microsoft is currently
> investigating this fraudulent e-mail," the spokesperson said.
>
> If users have already been duped into clicking on the link, the
> spokesperson advised users to "immediately scan their computer using
> antivirus and antispyware tools".
>
> Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft
> security bulletin and managed to infected millions of unpatched PCs.
>
> The success of this led to numerous copycat messages but none have so far
> managed to replicate Swen's success.
>
> Source
> http://www.zdnet.com.au/news/softwar...0.htm?feed=rss
> --
> Jason
>
> http://www.orderpcs4free.com/?r=878
>
>
>
>
>