Daily Archives: July 5, 2007

Bogus MS Security Bulletin MS07-0065 email

Sophos has issued a warning of a widespread attempt to infect computers by emailing users about a bogus Microsoft security patch. If you’re unfortunate enough to install it, your computer will become infected some serious malware.

The email, purporting to be from Microsoft, has “Microsoft Security Bulletin MS07-0065” in the subject line and claims that a zero-day vulnerability has been discovered in the Microsoft Outlook email program. It goes on to warn the recipient that “more than 100,000 machines” have been exploited by the vulnerability in attempts to sell Viagra and Cialis.

The bogus email encourages users to download a patch from http:// windowsupdate. microsoft.com/ outlook/ update-0-day / download.aspx?id=63852 (without the spaces) it claims will fix the problem and prevent them from being attacked by hackers. Clicking the link in the email does not take you to the Microsoft update site. Instead, it takes you to one of many compromised websites that hosts a trojan horse identified by Sophos as Mal/Behav-112.

Examples of the fraudulent emails seen by Sophos have contained the recipient’s full name and the name of the company they work for.

Continue reading