A malware campaign with several variations of emails appearing to come from Microsoft encouraging readers to click on a link to download IE Explorer updates is currently making the rounds. The malware is delivered when readers click on the link (usually imbedded in a photo). This article discussses the issue. The virus, Virus.Win32.Grum.A, spreads by emailing itself to contacts in a user’s address book. It tampers with registry files to ensure it gets installed, and then tries to download additional files from the internet
The messages are sent high importance and have coincided with news about a zero day cursor flaw.
I discovered two of these messsages in my spam quarantine folder. Both had a sent-from address of firstname.lastname@example.org and had professional looking images embedded. However, as expected, the links do not revert to Microsoft.
Admins should alert users immediately not to click these links.
Save This Page