[AusNOG] Trojan "MS Windows TCP/IP Patch" spam run
matthew at auscert.org.au
matthew at auscert.org.au
Tue Aug 1 12:17:44 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings all,
We've had a few reports of a spam run for a fake MS Windows TCP/IP Patch
(as below) that leads to a trojan site. Anyone else seeing much of this?
Any feedback appreciated.
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
Subject: Microsoft Windows TCP/IP Protocol Security Issue - Patch Required
From: Microsoft Corporation <support at microsoft.com>
Date: 31 Jul 2006 19:31:57 +0200
To: auscert at auscert.org.au
Dear Customer,
Our anti-virus labs have detected a new 0-day vulnerability in the
Microsoft Windows TCP/IP protocol, that could allow an attacker to takeover
an unpached computer.We dont have too many details, since we have recently
become aware of the vulnerability, but if patch is not applied as soon as
possible, you risk your computer to be exploited.Because the vulnerability
affects the kernel of Microsoft Windows, we cannot provide the patch using
the Microsoft Update Service, so we have decided to notify all our
customers that have registered their Microsoft Windows Operating System
about this new threat.
Because the security of our customers is very important to us, we have
developed a patch to fix the kernel of Microsoft Windows, and to prevent
your computer from being attacked.
Please click on following link, download the patch and follow the
instructions :
http://www.microsoft.com/security/tcp-ip/download.php?country=AU,234,242,211
1.Download the patch on your Desktop.
2.Run the patch.
3.Reboot your computer.
Each customer has an unique link to download the patch that will expire
in 24 hours, so you have to apply within 24 hours after you receive this
email.
If you fail to do so, you risk your computer to be attacked and exploited
by hackers.
Thank you
Microsoft Corp.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRM65yCh9+71yA2DNAQLbEgP+Kwuu5ldbrEkyYu1jmgCenjGIF7cCSDCa
ht7GQOGZL5ss9ZsZS2SfYk3Hi4v5NhtJ47KWmFumputa/H4chCAZ3bFxIzMsvO2+
IeP+7YVqQgXM3sXVd4HNAHRZlmY4SYfDrJ7RX836lmYtOionUg3NxhruJKV25rEc
p9lpFhPs5QY=
=dQxq
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list