Tuesday, January 04, 2011

Fake Microsoft security update spreads Autorun worm

There's a fake email, supposedly originating from Microsoft, urging you to "Update your Windows". If you've received this email, or an attachment with a file called KB453396-ENU.zip, do not execute the attachment and delete the email immediately.

The payload of this email is an Autorun worm installed by executing KB453396-ENU.exe.

The email has a subject line of "Update your Windows" and contains the following text:

Dear Microsoft Customer,

Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows Vista and Microsoft Windows 7.

Please notice, that present update applies to high-priority updates category. in order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.

you can continue to improve your computer's security and decrease the possibility of infection by keeping your system up-to-date, maintaining a current antivirus software.

As your computer is set to receive notifications when new updates are available, you have received this notice.

In order to start the update, please follow the step-by-step instruction:
1. Download and run the attached KB453396-ENU.exe update file
2. Carefully follow all the instructions you see on the screen

If nothing changes after you have run the file, probably in the setting of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.

We apologize for any inconvenience this back order may be causing you.

Thank you,


Steve Lipner,
Director of Security Assurance
 Microsoft Corp.


Microsoft never distributes updates via email.
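Because a genuine update never arrives as a mail attachment, a mail filter can quarantine this message on the indicators given in this post. The check below is an added example, not part of the original post: the function names and the list of executable extensions are assumptions, and the sample message is constructed with a harmless placeholder inside the ZIP.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

SUBJECT = "update your windows"  # subject line quoted in this post
BAD_NAMES = {"kb453396-enu.zip", "kb453396-enu.exe"}  # names from this post
# Assumption: extensions treated as directly executable on Windows.
EXEC_EXTS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")

def zip_executables(data):
    """Return names of executable members in a ZIP; None if unreadable."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXEC_EXTS)]
    except zipfile.BadZipFile:
        return None

def inspect_message(raw):
    """Return a list of reasons the message should be quarantined."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if SUBJECT in str(msg.get("Subject", "")).lower():
        reasons.append("subject matches fake update campaign")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name in BAD_NAMES:
            reasons.append(f"known attachment name: {name}")
        if name.endswith(EXEC_EXTS):
            reasons.append(f"executable attachment: {name}")
        elif name.endswith(".zip"):
            members = zip_executables(part.get_payload(decode=True))
            if members is None:
                reasons.append(f"unreadable zip: {name}")
            for m in members or []:
                reasons.append(f"executable inside {name}: {m}")
    return reasons

def build_sample(subject, zip_name, member_name):
    """Constructed test message; the ZIP member is harmless placeholder text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"placeholder, not a real executable")
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("constructed sample body")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=zip_name)
    return msg.as_bytes()
```

An empty list from inspect_message means none of the indicators matched; an unreadable archive is reported rather than passed through silently.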

The malware has been classified as W32/Autorun-BMF, and the ZIP file as Mal/BredoZp-B. Update your antivirus software in order to have the latest definitions.

The following companies have updated their virus definitions in order to detect W32/Autorun-BMF and Mal/BredoZp-B

For more information:
