早上收到的电子邮件 发件方是 ndkjwsywey-jaiiuky@support.msn.com ,看样子里面是微软的紧急技术支持邮件,但是这个页面特别粗糙,看起来根本不是微软的做事风格,而且使用 support.msn.com ,一般微软的补丁邮件都是 support.microsoft.com 发出的怎么会是MSN的.附件中的“漏洞补丁”文件名是  Q856166.exe ,微软命名补丁文件一般是 kb或者MS开头的,不免有些奇怪,而且微软从来不会将补丁文件带在邮件附件里发出,而是放入一个链接到微软官方的下载链接,基本确定这封电邮是伪造的.
　　
　　于是在各大MVP博客里找了一下主题为 Current Microsoft Security Update 的电邮，发现意大利MVP Russo也在其博客提到此事，而且他还下载该附件分析，是一种蠕虫病毒。
　　以下是病毒邮件全文：
　　
　　
　　Microsoft Consumer
　　
　　this is the latest version of security update, the "December 2006, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your computer. This update includes the functionality of all previously released patches. 

System requirements Windows 95/98/Me/2000/NT/XP  This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later  Recommendation Customers should install the patch at the earliest opportunity.  How to install Run attached file. Choose Yes on displayed dialog box.  How to use You don't need to do anything after installing this item.

　　Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.
　　
　　Thank you for using Microsoft products.
　　----------------------------------------------------------
　　
　　
　　放出张截图：
　　
　　
　　
　　
　　至于发自ndkjwsywey-jaiiuky@support.msn.com，很明显是通过伪造的电子邮件地址
　　

欢迎访问最专业的网吧论坛,无盘论坛,网吧经营,网咖管理,网吧专业论坛https://bbs.txwb.com

关注天下网吧微信,了解网吧网咖经营管理，安装维护: