Fake Microsoft Patch Triggers Virus Attack

← Back to Stories (view on slashdot.org)

Fake Microsoft Patch Triggers Virus Attack

Posted by Zonk on Saturday May 21, 2005 @12:18AM from the watch-what-you-click dept.

boarder8925 writes "eWeek reports: 'Like day follows night, a bogus cumulative update with a malicious attachment has followed Microsoft's patch day. In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment. The latest social engineering trick arrives via e-mail with an attachment that purports to be a 'cumulative patch' for May 2005.'"

6 of 275 comments (clear)

Min score:

Reason:

Sort:

The point is... by NineNine · 2005-05-21 00:26 · Score: 5, Interesting

OK, we get it. Don't run random attachments that people you don't know email to you. Why is this news? I get probably a hundred emails with viral attachments daily. Is Slashdot somehow suggesting that this is Microsoft's fault in some bizarre, convoluted way?
1. Re:The point is... by MichaelSmith · 2005-05-21 00:38 · Score: 4, Interesting
  
  Don't run random attachments that people you don't know email to you.
  My clueless co-workers are constantly sending me MS Office formatted files which I am expected to blindly execute. Everybody else in the company does it and they look at me strangely for complaining.
  
  Because of the way the IE shell interface works there is no good way to distinguish between a document file and an executable made up to look like a document file.
  
  The people who run the Windows side of our network aren't worried. They point to the virus filters on email and say "nothing bad can get in, why worry?"
  
  Everybody is taught to run attachments. Nobody is taught not to.
  
  --
  http://michaelsmith.id.au
Nice confirmation of the fact... by dos_dude · 2005-05-21 00:26 · Score: 5, Interesting

... that the best software in the world couldn't protect you from the stupidity of the guy in front of the monitor. Makes you wonder who is worse: Microsoft or their users?
Sandbox by datadriven · 2005-05-21 00:59 · Score: 2, Interesting

If Outlook and Outlook Express ran in a sandbox it woud fix most of these issues wouldn't it?

--
GETPKG - Package Management for Slackware
My God, why do people still click on these posts? by LM741N · 2005-05-21 01:09 · Score: 2, Interesting

We need an internet/computer Darwin awards, haha.
After year of preaching to the converted, the converted are still only about 10%.

Rob.
Re:I doubt it has to do with timing... by MightyMartian · 2005-05-21 03:48 · Score: 4, Interesting

The fact is that Microsoft (and other companies as well) have time and time again said "We don't email updates/credit card requests/bank account requests/etcetera ad nauseum". People simply are not listening, and I'm not too sure how they will ever learn.
Perhaps if ISPs started actually billing people when they spewed out viruses and spam, that might have some effect. It wouldn't have to be much, a couple of bucks maybe, but the point is, I don't think anything else is going to get it through the average user's head.

--
The world's burning. Moped Jesus spotted on I50. Details at 11.