Microsoft investigating fake WinLogon patch

> Microsoft is investigating an e-mail that appears to be a security warning
> from the software heavyweight which patches a vulnerability in the
> "WinLogon Service".
>
> The e-mail has a spoofed "from" field so it looks like it has been sent
> from patch@microsoft.com, in reality it is most likely being mass spammed
> from an army of bots -- PCs that have been compromised and are under the
> control of a cybercriminal group.
>
> A Microsoft spokesperson told ZDNet Australia on Monday morning that the
> vulnerability does not exist and users should ignore the e-mail.
>
> "Microsoft advises users to ignore an e-mail currently circulating which
> claims to provide a patch to a 'vulnerability in the WinLogon service' and
> implies it has been sent by Microsoft.
>
> "This e-mail is not from Microsoft Corporation and the claimed
> vulnerability and patch do not exist . Microsoft is currently
> investigating this fraudulent e-mail," the spokesperson said.
>
> If users have already been duped into clicking on the link, the
> spokesperson advised users to "immediately scan their computer using
> antivirus and antispyware tools".
>
> Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft
> security bulletin and managed to infected millions of unpatched PCs.
>
> The success of this led to numerous copycat messages but none have so far
> managed to replicate Swen's success.
>
> Source
> http://www.zdnet.com.au/news/softwar...0.htm?feed=rss
> --
> Jason
>
> http://www.orderpcs4free.com/?r=878
>
>
>
>
>