Researchers are warning PC users not to fall for an email scheme that pretends to be a warning and patch for a newly discovered flaw in Microsoft WinLogon Service.
The email tells users the flaw can allow malicious users to access a PC, then redirects them a malicious link that downloads a trojan.
The scam should be familiar to computer security researchers, said researcher Bojan Zdrnja of the SANS Internet Storm Center.
"Does all this sound familiar? Sure, it’s (almost) the same story that the Swen worm (or Gibe.F) tried to ‘sell’ to the users. Hopefully this one will not come close to doing what Swen did," he said.
Microsoft releases vulnerability patches on its regular Patch Tuesday schedule, the second Tuesday of every month. On the Thursday before that date, it releases preview information about the fixes.
Source:
scmagazine.com