Black Monday for Patch Tuesday hack victims

 

Gallery

By Barry Collins

Posted on 13 Oct 2008 at 12:55

Hackers are conning Windows users into installing a Trojan Horse disguised as a Microsoft security patch, according to security firm Sophos.

The exploit is attempting to lull users awaiting Microsoft's infamous Patch Tuesday update, which is due tomorrow. Ironically, it uses a security scare as the pretense for delivering the patch via email.

"Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows," the email reads, with the clumsy diction that is the hallmark of such phishing attacks. "Since public distribution of this Update through the official website http://www.microsoft.com would have resulted in efficient creation of a malicious software [sic], we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users."

The attached file infects Windows PCs with the Mal/EncPk-CZ Trojan, according to Sophos, which could hand control of the infected machine over to hackers.

While experienced IT managers are unlikely to fall for such a unsophisticated attack, the fear is consumers won't be so savvy.

"Computer users need to learn that Microsoft never sends out security updates as email attachments, and that they should always visit the genuine Microsoft website (or use automatic updating processes) to keep their systems current," says Sophos' senior technology consultant, Graham Cluley.

Click here for news of what to expect in a bumper Patch Tuesday.