New Microsoft Hoax

A snapshot of the email I received

I received an email today from Microsoft. At least, it looked like a Microsoft email, telling me to install a cumulative security patch for the month of September.

But something looked dodgy.

  1. If it was from Microsoft, why was the sender’s email address julzsiqpkxb-zrtwmnhn@updates.com?
  2. Why would Microsoft send an exe file, when we usually download updates
    from their website?
  3. Why would Microsoft send an exe file to its users, many of whom use Outlook,
    which blocks exe files in the first place?

So I did a keyword search on Google, and came up with some interesting results. If you get this error message on your computer, you’ve been hit by the worm:

Error occurred Memory access violation in module kernel32 at :”

Turns out this worm’s been spreading since Sep 18! And Microsoft issued a warning on Sep 19, on suspicious-looking emails claiming to be from them.