Slashdot Mirror
Fake Microsoft Patch Triggers Virus Attack
boarder8925 writes "eWeek reports: 'Like day follows night, a bogus cumulative update with a malicious attachment has followed Microsoft's patch day. In what has become a monthly staple, virus writers are taking advantage of the heightened public interest around Microsoft's patching cycle to trick users into executing a malicious attachment. The latest social engineering trick arrives via e-mail with an attachment that purports to be a 'cumulative patch' for May 2005.'"
... at least that's what they tell us. But we all know that it actually was a cummulatice update, but they screwed it up.
Anonymous Coward
OK, we get it. Don't run random attachments that people you don't know email to you. Why is this news? I get probably a hundred emails with viral attachments daily. Is Slashdot somehow suggesting that this is Microsoft's fault in some bizarre, convoluted way?
... that the best software in the world couldn't protect you from the stupidity of the guy in front of the monitor. Makes you wonder who is worse: Microsoft or their users?
Microsoft try and help users by providing easily accessible patches and they get blasted for it. I installed this patch yesterday and my machine works just fin^&*%^$%#%&^ [NO CARRIER SIGNAL]
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
Now, I'm all for making public the attacks but I think we should start bagging out the actual attackers. Cmon, social engineering through an email? Sure it'll fool a few people, and a few people is all you need to bring down a network, but let's patronise these guys. They're fuckin' con men for pete's sake and lame conmen at that. The only people they're tricking is morons. I move for guys like this to be put down at every chance.
Stop glorifying criminals!
The simple rule is to know what you're doing, or, if you don't know what you're doing, have it done by someone you trust. People don't start working on their cars unless they know what they're doing. They have the maintenance done by a mechanic or an experienced friend. Yet somehow we think that computer maintenance should be done by complete ignorants. It's never going to work.
Good point...
BUT, I work in a small IT department- and we spend about 1/2 of our weekly meeting talking about how 'stupid' these users are.
Not saying that I don't take part in the conversation...but I keep thinking to myself, "They aren't supposed to know this stuff, it isn't their job, it's OUR job."
I really hate it when we get on our high-horses and look down at people because they don't know as much about the computer they use as we do. I would hope not, otherwise we would be some weak-ass IT people.
I'm guilty to, and every IT person I have ever met is just as guilty. But when we need to purchase something, we walk over to the purchasing people and say 'I have no idea what I am doing, but I need to order this thing...' I wonder if when we leave, they all start laughing at us and call us a 'bunch of fucking idiots.'
I hope so...because we have some real arrogant bastards in IT who really need to realize that nobody else really gives a damn about the difference between right-click and left click...
No reason to lie.
Just tested on Windows Server 2003... .shs, .pif, .url, and .shb files exhibit this behavior. I do not have microsoft access installed, so the .mam and .mad files show up as normal.
I looked a little more into it, and there is a NeverShowExt REG_SZ entry in the registry for each file type that does this. Here it is described in detail.
I would suggest searching through the registry for NeverShowExt and deleting the occurrences you find under HKCR. Be careful editing your registry, do it only if you know what you're doing, etc.
Your credit card information wants to be free.