Microsoft investigating fake WinLogon patch
Microsoft is investigating an e-mail that appears to be a security warning from the software heavyweight which patches a vulnerability in the “WinLogon Service”.
The e-mail has a spoofed “from” field so it looks like it has been sent from firstname.lastname@example.org, in reality it is most likely being mass spammed from an army of bots — PCs that have been compromised and are under the control of a cybercriminal group.
A Microsoft spokesperson told ZDNet Australia on Monday morning that the vulnerability does not exist and users should ignore the e-mail.
Full story: ZDNet Australia