Fake Microsoft Email Urges Windows Update, Installs Trojan Wupdate-20050401.exe

The Internet Patrol default featured image
Share the knowledge

A fake Microsoft email urges users to install the latest Windows update, and even links and takes them to a site which sure seems to be a real Microsoft website. But it isn’t. And the email actually leads to the installation of a trojan horse file. The payload file is named “Wupdate-20050401.exe”, and it will turn your Windows PC into a dedicated spamming machine, at the remote beck and call of the spammer who stands ready and waiting for you to make the click which will install the Wupdate-20050401.exe file on your machine.

And reports indicate that the processes associated with Wupdate-20050401.exe are capable of taking control of 100% of your system’s processes, leaving you and your machine dead in the water.

In addition to the email looking like it comes from Microsoft, and offering a link to a site which looks like a Microsoft site, the timing of this email couldn’t be more perfect, as Microsoft has just announced that they in fact about to release several new patches for Windows. The new legitimate Microsoft Windows patches are due out next Tuesday.

Perhaps worst of all, the email is unlikely to be caught by spam filters, further giving it an appearance of legitimacy. “The e-mail won’t be picked up through anti-spyware software because the .exe file does not contain spyware signatures that would be used to identify it as potentially harmful,” said Martino Corbelli from SurfControl.

So what can the Windows user do to protect themselves, especially knowing that there is a legitimate update coming out in a few days? According to Graham Cluley, a senior technology consultant with Internet security firm Sophos, “Microsoft does not issue security warnings this way. They don’t send updates in an HTML format, so don’t follow the links in an e-mail. If you want to see if an update is real, you need to go to the real Microsoft Web site and check there.”

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

And just so you have it handy, the URL for that real Microsoft website is at http://www.microsoft.com/security/.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

3 thoughts on “Fake Microsoft Email Urges Windows Update, Installs Trojan Wupdate-20050401.exe

  1. what if I already downloaded this stuff? Do I have to take it back to my computer guy again? Or can I remove this by myself?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.