microsoft investigating fake winlogon patch

Microsoft is investigating an e-mail that appears to be a security warning from the software heavyweight which patches a vulnerability in the "WinLogon Service".
The e-mail has a spoofed "from" field so it looks like it has been sent from patch@microsoft.com, in reality it is most likely being mass spammed from an army of bots -- PCs that have been compromised and are under the control of a cybercriminal group.
A Microsoft spokesperson told ZDNet Australia on Monday morning that the vulnerability does not exist and users should ignore the e-mail.
"Microsoft advises users to ignore an e-mail currently circulating which claims to provide a patch to a 'vulnerability in the WinLogon service' and implies it has been sent by Microsoft.
"This e-mail is not from Microsoft Corporation and the claimed vulnerability and patch do not exist . Microsoft is currently investigating this fraudulent e-mail," the spokesperson said.
If users have already been duped into clicking on the link, the spokesperson advised users to "immediately scan their computer using antivirus and antispyware tools".
Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft security bulletin and managed to infected millions of unpatched PCs.
The success of this led to numerous copycat messages but none have so far managed to replicate Swen's success.
Source http://www.zdnet.com.au/news/software/soa/Microsoft_investigating_fake_WinLogon_patch/0,2000061733,39257447,00.htm?feed=rss -- Jason
http://www.orderpcs4free.com/?r=878

Thanks Jason - I still get those fake patches through me email - their so fake it's unbelievable. They go straight to my spam server :o)
-- Zack Whittaker » ZackNET Enterprises: www.zacknet.co.uk » MSBlog on ResDev: www.msblog.org » Vista Knowledge Base: www.vistabase.co.uk » This mailing is provided "as is" with no warranties, and confers no rights. All opinions expressed are those of myself unless stated so, and not of my employer, best friend, Ghandi, my mother or my cat. Glad we cleared that up!
--: Original message follows :-- "Jason" wrote in message

Microsoft is investigating an e-mail that appears to be a security warning from the software heavyweight which patches a vulnerability in the "WinLogon Service".
The e-mail has a spoofed "from" field so it looks like it has been sent from patch@microsoft.com, in reality it is most likely being mass spammed from an army of bots -- PCs that have been compromised and are under the control of a cybercriminal group.
A Microsoft spokesperson told ZDNet Australia on Monday morning that the vulnerability does not exist and users should ignore the e-mail.
"Microsoft advises users to ignore an e-mail currently circulating which claims to provide a patch to a 'vulnerability in the WinLogon service' and implies it has been sent by Microsoft.
"This e-mail is not from Microsoft Corporation and the claimed vulnerability and patch do not exist . Microsoft is currently investigating this fraudulent e-mail," the spokesperson said.
If users have already been duped into clicking on the link, the spokesperson advised users to "immediately scan their computer using antivirus and antispyware tools".
Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft security bulletin and managed to infected millions of unpatched PCs.
The success of this led to numerous copycat messages but none have so far managed to replicate Swen's success.
Source http://www.zdnet.com.au/news/software/soa/Microsoft_investigating_fake_WinLogon_patch/0,2000061733,39257447,00.htm?feed=rss -- Jason
http://www.orderpcs4free.com/?r=878