Hackers hijack Patch Tuesday

Spoof emails target security conscious computer owners

13 October 2008 17:29 GMT / By Katie Scott

On the second Tuesday of every month, Microsoft is now accustomed to releasing the patches and fixes for its various software packages.

But now hackers are trying to take advantage of this and are sending out fake updates to dupe Microsoft software users on Patch Tuesday.

Internet surfers are reporting that they have received spoof emails claiming to be from Microsoft security assurance director Steve Lipner.

But they actually contain malware.

Amongst the emails are one that contains an attachment with an .exe extension, and claiming to be "an experimental private version of an update for all Microsoft Windows OS users", which will "help protect your computer against security threats and performance problems".

Microsoft is warning all recipients that installing this "update" releases a Trojan horse which will infect your PC.

The computing giant adds that it never sends out security updates as email attachments.

It warns: "If you suspect that an email message is not legitimate, do not click any links in it. Those links might be spoofed so that they appear to send you to a legitimate website when they actually send you to a malicious one."