Erik van Straten reported receiving a spoofed email that led to a spoofed Microsoft site that downloaded a trojan with instructions to run it to patch your system. The site name is www.microsoft-security-updates.com is NOT a Microsoft site. This gets redirected to h**p://d558597.u25.surftown.com/mstasks.exe mstasks.exe is identified by Symantec/Norton AntiVirus beta definitions as "Trojan.Etsur".
Repeat after me: Unless you subscribe to their email security notification service, Microsoft's policy is not to send notification of vulnerabilities. They never send patches in email to users.
Your favorite shows are back!
Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!