I received an email today from Microsoft. At least, it looked like a Microsoft email, telling me to install a cumulative security patch for the month of September.
But something looked dodgy.
- If it was from Microsoft, why was the sender's email address firstname.lastname@example.org?
- Why would Microsoft send an exe file, when we usually download updates from their website?
- Why would Microsoft send an exe file to its users, many of whom use Outlook, which blocks exe files in the first place?
Error occurred Memory access violation in module kernel32 at :"
Turns out this worm's been spreading since Sep 18! And Microsoft issued a warning on Sep 19, on suspicious-looking emails claiming to be from them.