'Windows Update' hides nasty Trojan

Users may think they're protecting their machine...
Written by Will Sturgeon, Contributor on

Users may think they're protecting their machine...

Security firms are warning about a spam email which purports to be a Windows Update from Microsoft. However, when launched recipients will infect their machine with malicious code.

The email appears as though it is from Microsoft, coming from the spoofed address update@microsoft.com with subject lines such as 'Update your Windows machine', and links through to a website which mirrors the design of a proper Windows Update page but as the page opens it will download a malicious .exe into a Windows directory and install a Trojan horse (DSNX-05).

While running, the application will consume 100 per cent of CPU power by forcing the CPU to perform continuous processes, according to a report from SurfControl.

SurfControl first intercepted the email in Australia. As is often the case it then followed the sun west as different time zones came online.

Graham Cluley, senior technology consultant for Sophos, said: "We have long recommended that computer users keep up-to-date with the latest security patches, as Microsoft vulnerabilities are often exploited by viruses, worms and hackers. But users must be very careful to be sure they are going to the official update websites, rather than just following links in emails which have been sent by hackers."

Cluley added that Microsoft does not issue security warnings in this way.

"Users should be on their guard whenever they receive an email like this," he added.

Editorial standards