Computerworld has posted an article that there is a new email spam which tells a user to download a Windows update. Those who click the link in the email will be directed to a site which will inject a malicious code on their computers.

“A new 0-day vulnerability has appeared in the wild. The vulnerability affects machines running MICROSOFT OUTLOOK and allows an attacker to take full control of the vulnerable computer if the exploitation process is succesfull [sic],” the messge reads.

“Security bulletins from Microsoft describing vulnerabilities in their software are a common occurrence. [But] by using people’s real names, the Microsoft logo and legitimate-sounding wording, the hackers are attempting to fool more people into stepping blindly into their bear trap,” said Graham Cluely in a statement. He is a Sophos PLC analyst.

Source: Computerworld