来自微软的恶意邮件???

  • Article

大家好, 我是 Richard Chen, 软件安全项目经理.

本周互联网上关注的焦点是声称来自微软安全保障部门 Steve Lipner 的一封夹带恶意附件的邮件. 原文如下:

 

=================================================================================

Dear Microsoft Customer,

 

Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.

 

Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.

 

Since public distribution of this Update through the official website https://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.

 

As your computer is set to receive notifications when new updates are available, you have received this notice.

 

In order to start the update, please follow the step-by-step instruction:

1. Run the file, that you have received along with this message.

2. Carefully follow all the instructions you see on the screen.

 

If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.

 

We apologize for any inconvenience this back order may be causing you.

 

 

Thank you,

 

Steve Lipner

Director of Security Assurance

Microsoft Corp.

================================================================================

 

请注意, 微软不会主动寄发任何补丁给客户安装. 所以请不要执行该邮件的附件.

微软相关部门正在关注并调查该恶意邮件的来源, 有些杀毒软件已可以查杀该恶意附件.

 

并请依照下列建议三步骤保护您的系统安全:

 

1. 请使用者定期更新杀毒软件的定义檔案.

2. 使用操作系统内建方式执行 Windows Update (或使用 WSUS/SMS/Microsoft Update website).

3. 启用个人防火墙

 

建议您可以透以下链结订阅微软相关安全资讯:

https://www.microsoft.com/china/security/Newsletter/Newsletter01.mspx

 

Richard Chen

大中华区软件安全项目经理