Microsoft investigating fake WinLogon patch

Microsoft is investigating an e-mail that appears to be a security warning from the software heavyweight which patches a vulnerability in the "WinLogon Service".The e-mail has a spoofed "from" field so it looks like it has been sent from patch@microsoft.

Microsoft is investigating an e-mail that appears to be a security warning from the software heavyweight which patches a vulnerability in the "WinLogon Service".

The e-mail has a spoofed "from" field so it looks like it has been sent from patch@microsoft.com, in reality it is most likely being mass spammed from an army of bots -- PCs that have been compromised and are under the control of a cybercriminal group.

A Microsoft spokesperson told ZDNet Australia on Monday morning that the vulnerability does not exist and users should ignore the e-mail.

"Microsoft advises users to ignore an e-mail currently circulating which claims to provide a patch to a 'vulnerability in the WinLogon service' and implies it has been sent by Microsoft.

"This e-mail is not from Microsoft Corporation and the claimed vulnerability and patch do not exist ... Microsoft is currently investigating this fraudulent e-mail," the spokesperson said.

If users have already been duped into clicking on the link, the spokesperson advised users to "immediately scan their computer using antivirus and antispyware tools".

Three years ago, the Swen worm (also known as Gibe.F) posed as a Microsoft security bulletin and managed to infected millions of unpatched PCs.

The success of this led to numerous copycat messages but none have so far managed to replicate Swen's success.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All