Aiming to crack down on counterfeit software, Microsoft plans later this year to require customers tobefore downloading security patches and other add-ons to the operating system. Since last fall the company has been testing a tool that can check whether a particular version of Windows is legitimate, but until now the checks have been voluntary.
By the middle of this year, Microsoft will make the verification mandatory in all countries for both add-on features to Windows as well as for all OS updates, including security patches. Microsoft will continue to allow all people to get Windows updates by turning on the Automatic Update feature within Windows.
Microsoft's patch process has spawned anusers into downloading and installing a Trojan horse. A fake e-mail message, sent to CNET News.com, purports to be a Microsoft security notification about problems with the Windows operating system.
The message, which carries the subject line "MS Windows/Critical Error," attempts to fool PC users into downloading and installing an attached program. However, numerous spelling and grammar errors in the message could tip people off to the danger.
Meanwhile, antivirus specialist GeCad Net is warning that it has found afor Windows. The security service provider said that a critical patch issued by Microsoft in its MS05-001 bulletin earlier this month fails to resolve all of the security issues surrounding the HTML Help ActiveX control in Windows. Microsoft distributed the fix, along with additional security updates, to address the threat of attackers placing and executing malicious programs such as spyware on affected computers.