[ISN] 'Experimental' security fix is malware, Microsoft says

From: InfoSec News <alerts_at_private>
Date: Tue, 14 Oct 2008 03:20:14 -0500 (CDT)

By Robert McMillan 
IDG News Service 

Scammers are sending out phoney e-mails that claim to include critical 
Windows security alerts, Microsoft warned Monday.

The fake alerts describe themselves as part of a new "experimental 
private version of an update for all Microsoft Windows OS users," 
Microsoft said in a note on the scam, posted Monday.

The e-mails then instruct the victim to download an attachment, which is 
actually a malicious Trojan Horse program known as Win32/Haxdoor. This 
software records sensitive information such as passwords and credit card 
numbers and sends this data back to the attackers who are running the 

The malware well-known, however, and is detected by antivirus programs 
as well as Microsoft's free Microsoft Malicious Software Removal Tool 


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Tue Oct 14 2008 - 01:20:14 PDT

This archive was generated by hypermail 2.2.0 : Tue Oct 14 2008 - 01:36:56 PDT