A new Microsoft update threatens Windows users with the expiration of their copy of the operating system unless deployment is completed within half a day. This is obviously nothing but a fake Microsoft update spammed to spread malware. Sunbelt Software Chief Executive Officer, Alex Eckelberry, warned of the existence of a new spam campaign in the wild designed to push malicious code via emails masquerading as Windows Updates.
The emails appear to have been generated from Microsoft update [firstname.lastname@example.org] and contain the subject "Keep your computer up to date. Thanks!" The email is put together to fool unsuspecting users of Windows into virtually installing a Backdoor Trojan horse on their machines. Users that are oblivious to the fact that Microsoft does not serve Windows Updates via email, or even send out email notifications of updates, are the target of the spam campaign.
Users are threatened to "update your P.C. in maximum 12 hours otherwise your Windows will be Expired." The threat plays on Microsoft's own advice for users to keep machines up-to-date and goes on to offer High-Priority updates (recommended). Additionally, victims also have a chance to "select from optional and high-priority updates for Windows and other programs." Additionally, it is also clear that the Redmond company's own anti-piracy efforts have been turned against the users.
The reference made to the expiration of the operating system is a clear indication of the effects of Windows Genuine Advantage. Users should keep in mind the fact that the Redmond company only delivers update via Windows Update or WSUS, or through the official Microsoft Update and Download Center websites. If you agree to the installation of the fake Microsoft Update (not advisable since it's malware), IRC.Backdoor.Trojan, a backdoor, will infect your machine.
"High risks are typically installed without user interaction through security exploits, and can severely compromise system security. Such risks may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware. These risks may also collect and transmit personally identifiable information (PII) without your consent and severely degrade the performance and stability of your computer," reveals an excerpt from the IRC.Backdoor.Trojan's description from the Sunbelt Software Research.
Windows, Operating System, Windows OS, Microsoft, Security Update, Windows Update, WSUS, Microsoft Update, Backdoor, Spam