Bogus Windows Firewall and Security Center Update Email Links To Malware
Outline Email purporting to be from Microsoft Canada instructs recipients to click a link in order to download and install a high priority security update for the Microsoft Windows Firewall and Security Center.
The email is not from Microsoft and the link does not point to a security update. Instead, following the instructions in the message will download and install malware. Microsoft will never send security updates via an email.
Subject: Critical Update For Microsoft Firewall and Security Center
Please notice that Microsoft has recently issued a Security Update for
Microsoft Windows Firewall and Security Center.
This Update is to prevent malicious users from getting access to your
computer files by executing arbitary code on a new buffer overflow
found in the windows firewall process.
This is an high-priority updates. In order to help protect your
computer against security threats and malicious code.
Please follow these instructions:
1. Download the file from
2. Double-click on SECURITY_FIX_4081.exe to start the update.
3. Click on *Allow Access*
This is an Automated Message produced by Microsoft Canada Co., Please
Do Not Reply
According to this email, which claims to be from Microsoft Canada, recipients should follow a link to download a "high-priority" security update for the Microsoft Windows Firewall and Security Center. The message claims that installing the update will help protect the user's computer against "security threats and malicious code".
However, the message is certainly not from Microsoft. Clicking the link in the message will not download a security update. In fact, following the instructions in this fraudulent email will download and install malware on the recipient's computer.
Microsoft will NEVER send you an unsolicited email that asks you to install a security update either by following a link or by opening an attachment. Windows users should always update their Microsoft products via Windows Update.