Sophos warn about a fake Microsoft email that's actually serving is malicious code masquerading as refreshes coming from Microsoft. The email seemingly from Microsoft's security team "firstname.lastname@example.org", which even quotes the real name of a senior member of Microsoft's security team - Steve Lipner - to try to fool you into believing it's genuine -- telling you to "Update your Windows" and comes with a attached file called "KB453396-ENU.zip."
"KB453396-ENU.zip is really a nasty worm dubbed W32/Autorun-BMF that's being offered to unsuspecting users through emails which appear to be coming from Microsoft."
The emails have a subject line of "Update your Windows" and contain the following text:
Mr Lipner has nothing to do with the emails and Microsoft never distributes security updates via email attachments.