Microsoft investigating fake WinLogon patch

J

Jason

Microsoft is investigating an e-mail that appears to be a security warning
from the software heavyweight which patches a vulnerability in the "WinLogon
Service".

The e-mail has a spoofed "from" field so it looks like it has been sent from
(e-mail address removed), in reality it is most likely being mass spammed from an
army of bots -- PCs that have been compromised and are under the control of
a cybercriminal group.

A Microsoft spokesperson told ZDNet Australia on Monday morning that the
vulnerability does not exist and users should ignore the e-mail.

"Microsoft advises users to ignore an e-mail currently circulating which
claims to provide a patch to a 'vulnerability in the WinLogon service' and
implies it has been sent by Microsoft.

"This e-mail is not from Microsoft Corporation and the claimed vulnerability
and patch do not exist . Microsoft is currently investigating this
fraudulent e-mail," the spokesperson said.

If users have already been duped into clicking on the link, the spokesperson
advised users to "immediately scan their computer using antivirus and
antispyware tools".

Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft
security bulletin and managed to infected millions of unpatched PCs.

The success of this led to numerous copycat messages but none have so far
managed to replicate Swen's success.

Source
http://www.zdnet.com.au/news/softwa...n_patch/0,2000061733,39257447,00.htm?feed=rss
 
R

Rick Rogers

Nothing new here, there have been spoofed update mails for many years,
dating back to the Win95 days. Microsoft has never sent out patches via
generic email, and likely never will. To fall victim to this ruse you'd have
to be either a newbie or just oblivious to the computer world around you.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Windows help - www.rickrogers.org

Microsoft is investigating an e-mail that appears to be a security warning
from the software heavyweight which patches a vulnerability in the "WinLogon
Service".

The e-mail has a spoofed "from" field so it looks like it has been sent from
(e-mail address removed), in reality it is most likely being mass spammed from an
army of bots -- PCs that have been compromised and are under the control of
a cybercriminal group.

A Microsoft spokesperson told ZDNet Australia on Monday morning that the
vulnerability does not exist and users should ignore the e-mail.

"Microsoft advises users to ignore an e-mail currently circulating which
claims to provide a patch to a 'vulnerability in the WinLogon service' and
implies it has been sent by Microsoft.

"This e-mail is not from Microsoft Corporation and the claimed vulnerability
and patch do not exist . Microsoft is currently investigating this
fraudulent e-mail," the spokesperson said.

If users have already been duped into clicking on the link, the spokesperson
advised users to "immediately scan their computer using antivirus and
antispyware tools".

Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft
security bulletin and managed to infected millions of unpatched PCs.

The success of this led to numerous copycat messages but none have so far
managed to replicate Swen's success.

Source
http://www.zdnet.com.au/news/softwa...n_patch/0,2000061733,39257447,00.htm?feed=rss
 
A

antioch

Microsoft is investigating an e-mail that appears to be a security warning
from the software heavyweight which patches a vulnerability in the "WinLogon
Service".
Clipped

Thanks for that warning Jason - despite what others say, its nice to have that sort of info.
Have you posted in newusers.group etc for those 'newbies or oblivious to the computer world'
There are plenty of us who keep an eye in these groups.
Antioch
 
R

Rick Rogers

While I know the post is well intended, the truth is that it's sort of
useless. In 48 hours, the post will be buried and likely not to be read by
those that it's intended to help. The purpose of a support group is
questions and answers, posting a warning about a scam that's been in place
for a decade is sort of pointless. For that matter, most newbies do not
first scan a group for information but rather just bang in with their
question hoping for an immediate response. By the time they read that
warning, they are probably already here looking for the cure.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Windows help - www.rickrogers.org


Microsoft is investigating an e-mail that appears to be a security warning
from the software heavyweight which patches a vulnerability in the "WinLogon
Service".
Clipped

Thanks for that warning Jason - despite what others say, its nice to have
that sort of info.
Have you posted in newusers.group etc for those 'newbies or oblivious to the
computer world'
There are plenty of us who keep an eye in these groups.
Antioch
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Microsoft investigating fake WinLogon patch 1
Windows 7 Don't panic: Microsoft mistakenly posted a 'test' Windows update patch 3
Microsoft warns of serious security hole 34
Microsoft to release a critical "out of band" patch 0
Microsoft makes errors in Microsoft Security Advisory (912840) 11
Microsoft Security Advisory (919637) 4
Microsoft Jumps Schedule to Patch .ANI 3
Microsoft Posts Critical Security Fixes 7

Top