# Fake Microsoft security updates circulate



## iinfi (Apr 9, 2005)

Source: *news.com.com/Fake+Microsoft+securi...3-5660042.html?part=rss&tag=5660042&subj=news

An e-mail campaign designed to lure people to a bogus Microsoft Web site is making the rounds as part of an attempt to install a Trojan horse, antivirus company Sophos said Friday. 

Attackers are sending out fake e-mails that claim to come from Microsoft's Windows Update. People who click on the link in the message are steered to a site that looks like Microsoft's security update site, where they are urged to download fake patches. 

But should unsuspecting users download the bogus patches, they will infect their computers with the Troj/DSNX-05 Trojan horse, according to Sophos. That, in turn, will let the attackers remotely take control of the infected PC. 

"Microsoft does not issue security warnings this way," said Graham Cluley, Sophos senior technology consultant. "They don't send updates in an HTML format, so don't follow the links in an e-mail. If you want to see if an update is real, you need to go to the real Microsoft Web site and check there." 

People, however, are likely to click on the phony Microsoft update notices, given that they are making the rounds at the same time as Microsoft is poised to issue its regular monthly security update

Microsoft has posted a notice on its site saying that on Tuesday it will issue some critical patches for Windows, Office, MSN Messenger and Exchange. 

The software maker is aware of the bogus e-mails, a company representative said Friday. It is encouraging people to go directly to its Web site for updates, instead of clicking on a link that purportedly takes them there. Once on the legitimate Microsoft site, they can click on the link that provides information on how to tell if a Microsoft security notice is legitimate. 

Techniques like the Trojan horse e-mails are not new; malicious virus writers have in the past sent e-mails with attachments proclaiming to contain downloadable security updates. The Dumaru worm was one such example, Cluley said.

And in another example of attackers taking advantage of Microsoft's monthly patch cycle, malicious virus writers sent out bogus e-mails in January that claimed to come from Microsoft and that encouraged users to click on an attachment containing a Trojan horse. 

The news spam e-mail started making the rounds on April 2 and continued through as late as 6 a.m. Friday PST, according to Sophos. The company noted that only 582 copies have been received, accounting for 0.04 percent of all spam that was tracked during that time by Sophos.


----------



## bharathbala2003 (Apr 9, 2005)

yes i too got a pop up saying install updates from MICROSOFT.. thank god i dint accept it..


----------



## redalert5 (Apr 10, 2005)

damn, thanx for the info...will keep this in mind.


----------



## sunnydiv (Apr 11, 2005)

u know, this has become so old, that anyone who falls for these, should fall for this, at least they learn a good lesson in life

which is:- do not trust links in email


----------



## Tech&ME (Apr 11, 2005)

People should know this, Microsoft does not deliver updates through e-mails, nor does Microsoft provide any links for the updates in there e-mails. What Microsoft issues is an advance intimation newsletter for subcribers, so that people can plan for the updates. (Only information about future update are given by Microsoft.) 

All the updates for Microsoft Windows is delivered through Windows Update or Software Update site of Microsoft.

People are strongly adviced not to go to these websites directly by typing there addressess on the address bar of your browsers. Instead do one of the following.

1. Either Click on the START --> All Programs ---> Windows Update.

2. Or Simply enable AUTOMATIC UPDATES option.


----------



## krishnathelord (Apr 15, 2005)

hey thax for the news update


----------



## rajkumar_personal (Apr 15, 2005)

N-E-V-E-R update MS Windows via a link in an EMail

Any1 who is familiar with MS should know that MS seldom mails people to update their Windows !

The Best way is via the Windows Update in the "Help and Support" Section on the Start menu !!!


BEWARE and be alert against such emails !!!


----------



## pradeep_chauhan (Apr 15, 2005)

Hey guys i installed five updates today from the microsoft site i hope there is no site hijacking or thing like that. One update was to see if the system has any trojen / spyware installed on the system this one sounded a bit fishy any ideas if all this is genuine stuff . I wonder if alls ok.


----------



## aadipa (Apr 16, 2005)

pradeep_chauhan said:
			
		

> Hey guys i installed five updates today from the microsoft site i hope there is no site hijacking or thing like that. *One update was to see if the system has any trojen / spyware installed on the system this one sounded a bit fishy any ideas if all this is genuine stuff . I wonder if alls ok.*



This is released every month and its OK.


----------



## frmneo999 (Apr 19, 2005)

haa...thr  r some real fools r out thr.. who evry time clcik yes FR"YOU NEED TO INSTAAL *** TO VIEW THIS PAGE" messages..


----------



## mariner (May 10, 2005)

hell !!! wished i had seen this topic earlier . came back home after 4.5 months. started my pc and got a popup that some 18 updates are waiting . clicked to download and was going thru the previous issues of the mag and boon goes my pc. after 20 restarts it was back to formating and reinstalling....

gotta be in touch with latest developments..

thanx bud


----------



## iinfi (May 10, 2005)

thank raaabo coz he is the one who made this topic sticky


----------



## Charley (May 13, 2005)

pradeep_chauhan said:
			
		

> Hey guys i installed five updates today from the microsoft site i hope there is no site hijacking or thing like that. One update was to see if the system has any trojen / spyware installed on the system this one sounded a bit fishy any ideas if all this is genuine stuff . I wonder if alls ok.



I regularly do the updates from the Windows update option, hope thats also safe.


----------



## vishal_bhatia87 (May 17, 2005)

Good peace of information! Thanks.

--
Vishal Bhatia


----------



## rajas700 (Aug 28, 2005)

Make geniue check the mail received from microsoft.


----------



## saifoddin (Oct 5, 2005)

hay thaks for information but i think every body who use internet & windows should that microsoft provide it's update only through their windows updater they dont use e mail any way who dont know about that now knows


----------



## rohan (Oct 16, 2005)

Microsoft always states this thing clearly: We do not send any e-mails regarding security updates.


----------



## job9434 (Oct 18, 2005)

well thanks for your information dude i will watch my back


----------



## hsksattish (Nov 11, 2005)

There are also some good clients to keep windows up to date.I found bigfix very reliable and flexible.It also gets the updates as soon as they are out.I think more people with dialup connections should try it.


----------



## rbhuvaneshbabu (May 13, 2006)

Hello Friends, its a nice joke. if you are using a original Version of Windows there's no way of hijacking the system. Use Geniue Microsoft Products, then you wont be Cheated. The Guys using the pirated versions will be getting the Trouble (these are the truth send by Microsoft Corporation) Please note that your system is not hijacked if you are using the Pirated softwares and if you are connected to the net. The Microsoft Company itself sends the Virus. This is the Truth.

With Regards,
R.Bhuvaneshbabu
09894433127
rbhuvaneshbabu@yahoo.com


----------



## Amargusain (May 26, 2006)

Dude,

After all those msgs n posts, the bottomline is :
 * use Windows Update regularly
 * Have automatic updates feature enabled
 * Enable pop-up blocker
 * And never, for Gods sake, click on any friggn advt askin u to make ur PC faster, etc kinda crap.

Gentle FYI .. If u been using Digit's CD/DVD, u'd notice a product called AutoPatcherXP .. all the latest updates/patches rolled into one clean-neat installation.

Ciao,
~Amu


----------



## siddharth> (Jul 12, 2006)

bharathbala2003 said:
			
		

> yes i too got a pop up saying install updates from MICROSOFT.. thank god i dint accept it..



Pop-ups can be trusted. I have configured automatic update to inform me with pop-ups, when new updated are available. But, the pop-ups from microsoft do not come from websites, but from taskbar.


----------



## thewisecrab (Oct 16, 2006)

Microsoft doesnt have the time 2 send each n every customer its updates by mail.this is common sense!!!


----------



## Suhas M (Oct 24, 2006)

Thanx for the news


----------



## x69x (Feb 18, 2007)

oh bro ,u want us to buy soft  , yea sure when i kill billy


----------



## Josan (Mar 19, 2007)

Yes always buy genuine products!!!!!!!!!!! ...........


----------



## anand.expert (May 21, 2007)

hi


----------



## cooldudie3 (Feb 17, 2008)

what the hell! I never thought anyone would fall for that
anywas, thanks for the info


----------



## NucleusKore (Feb 17, 2008)

rbhuvaneshbabu said:


> Hello Friends, its a nice joke.



Not funny for those infected.



rbhuvaneshbabu said:


> if you are using a original Version of Windows there's no way of hijacking the system.



Really?!!! You must be joking. I am a genuine Windows XP Home user, and I do not even want to TRY those links 



rbhuvaneshbabu said:


> Use Geniue Microsoft Products, then you wont be *Cheated*.


  No comments



rbhuvaneshbabu said:


> The Microsoft Company itself sends the Virus. This is the Truth.



You seem to be very sure, how come?



rbhuvaneshbabu said:


> 09894433127
> rbhuvaneshbabu@yahoo.com



Leaving your email and telephone number is not a good idea unless you want spam.


----------



## infra_red_dude (Feb 17, 2008)

Why are all guys bumping a 3 year old thread???

_Reporting..._


----------



## vish786 (Feb 17, 2008)

why is it sticky ?


----------



## slugger (Feb 17, 2008)

infra_red_dude said:


> Why are all guys bumping a 3 year old thread???
> 
> _Reporting..._



*LMAO!!!! ROFL!!!   *

how do u bump up a thread that reamains bumped up by deafult?


----------



## infra_red_dude (Feb 17, 2008)

slugger said:


> *LMAO!!!! ROFL!!!   *
> 
> how do u bump up a thread that reamains bumped up by deafult?


HAHA... call me n00b of the week!  Never saw it was a sticky! But why is this sticky anyways?


----------



## amitava82 (Feb 17, 2008)

For EXTRA protections for Windows users!


----------

