Fake Microsoft security update spreads Autorun worm

Have you received an email seemingly from Microsoft’s security team telling you to “Update your Windows”? Have you been sent a file called KB453396-ENU.zip and told to run it on your Windows computer?

Well, think twice before following the instructions.

Cybercriminals are up to their old tricks, spreading malware under the disguise of a critical security patch from Microsoft.

In the current example, they’ve spammed out an email containing a worm, which even quotes the real name of a senior member of Microsoft’s security team – Steve Lipner – to try to fool you into believing it is genuine.

The emails have a subject line of “Update your Windows” and contain the following text:

Of course, Mr Lipner has nothing to do with the emails and Microsoft never distributes security updates via email attachments. Nevertheless, there have been a series of…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.