Newly found Vulnerabilities 04/07/08:
Email Attack Targeting Microsoft's April Security Bulletin Release Cycle
We have seen reports of an email attack targeting
Microsoft's April Security Bulletin release cycle. This attack arrives via
email messages with the subject line "Critical Patch Released: Microsoft
Security Bulletin MS08-64738." These email messages contain a link to a
fraudulent Microsoft Update web site that hosts malicious code or contains an
attachment that is embedded with malicious code. Users who follow the link or
open the attachment may become infected with a Trojan.
We encourage users to do the following to help mitigate the risks:
Install anti-virus software and keep its virus
signature files up to date.
Do not follow unsolicited web links received in
email messages.
Verify web sites recommended in email by
manually typing their URLs. Do not link directly to web sites recommended in an
email.