-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings all, We've had a few reports of a spam run for a fake MS Windows TCP/IP Patch (as below) that leads to a trojan site. Anyone else seeing much of this? Any feedback appreciated. - -- Matthew McGlashan -- Coordination Centre Team Leader | Hotline: +61 7 3365 4417 Australian Computer Emergency Response Team | Direct: +61 7 3365 7924 (AusCERT) | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: auscert(a)auscert.org.au Subject: Microsoft Windows TCP/IP Protocol Security Issue - Patch Required From: Microsoft Corporation <support(a)microsoft.com> Date: 31 Jul 2006 19:31:57 +0200 To: auscert(a)auscert.org.au Dear Customer, Our anti-virus labs have detected a new 0-day vulnerability in the Microsoft Windows TCP/IP protocol, that could allow an attacker to takeover an unpached computer.We dont have too many details, since we have recently become aware of the vulnerability, but if patch is not applied as soon as possible, you risk your computer to be exploited.Because the vulnerability affects the kernel of Microsoft Windows, we cannot provide the patch using the Microsoft Update Service, so we have decided to notify all our customers that have registered their Microsoft Windows Operating System about this new threat. Because the security of our customers is very important to us, we have developed a patch to fix the kernel of Microsoft Windows, and to prevent your computer from being attacked. Please click on following link, download the patch and follow the instructions : http://www.microsoft.com/security/tcp-ip/download.php?country=AU,234,242,211 1.Download the patch on your Desktop. 2.Run the patch. 3.Reboot your computer. Each customer has an unique link to download the patch that will expire in 24 hours, so you have to apply within 24 hours after you receive this email. If you fail to do so, you risk your computer to be attacked and exploited by hackers. Thank you Microsoft Corp. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (FreeBSD) Comment: http://www.auscert.org.au/render.html?it=1967 Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBRM65yCh9+71yA2DNAQLbEgP+Kwuu5ldbrEkyYu1jmgCenjGIF7cCSDCa ht7GQOGZL5ss9ZsZS2SfYk3Hi4v5NhtJ47KWmFumputa/H4chCAZ3bFxIzMsvO2+ IeP+7YVqQgXM3sXVd4HNAHRZlmY4SYfDrJ7RX836lmYtOionUg3NxhruJKV25rEc p9lpFhPs5QY= =dQxq -----END PGP SIGNATURE-----