Fake security updates for Internet Explorer 9 and Firefox 3 are currently spreading as malware on the web. The malware programmers use spam e-mails to spread their work. What you would really install upon downloading these “updates” is a trojan horse.
In the corresponding spam mail, you might read that there is an update patch available regarding the security problems in Internet Explorer 9 and Firefox 3.x. This patch is said to be compatible with Windows XP, Windows Vista and Windows 7 and would be offered for download via the website microsoft-security.de (closed down in the meantime).
The electronic spam mail also contains a short installation manual. In the first step, recipients should download the mentioned fake “patch”, labeled “patch-web.exe” and launch it by double clicking.
After installing, a system restart is necessary. With friendly regards, the so-called Microsoft Director of Security Assurance, Steve Lipner ends the mail, according to information by the German news portal ‘T-Online’.
Commonly, you should always be alert with such e-mails announcing supposed security updates. You should only download updates from official and serious sources, as security experts recommend.
As the executable is said to be a new trojan, there is currently only rare information about this malicious software available. Experts still need to analyze the malware’s features.