Users might be particularly vulnerable to e-mails claiming to be from Microsoft this week.
On April 12, Microsoft will make the Windows XP Service Pack 2 upgrade automatic for any machine that accesses the Windows Update utility at Microsoft's official update site.
Much has been made in recent weeks of the upcoming deadline for Windows XP users to update their operating systems with the large Service Pack 2 update.
Now, malicious hackers appear to be exploiting the public's concern over updates by distributing a bogus link to a Windows Update site.
The site, when accessed from an e-mail posing as a Microsoft notice, installs Trojan code on the user's machine and opens a back door that allows the PC to be controlled remotely.
This virus, like many others, takes advantage of users' powerful urge to click on e-mail attachments and links, even when their origin is suspicious.
An enormous amount of virus traffic on the Internet could be stopped if e-mail recipients simply would stop doing so, Graham Cluley, senior technology consultant with security firm Sophos, said.
Day of the Zombies
The current Trojan program, labeled TrojDSNX-05, can be used by hackers to make the PCs of innocent users into "zombies," said Sophos.
Zombie computers typically are used by the originators of spam to cover their tracks. Malicious hackers use infected machines to send enormous amounts of bulk e-mail or use the compromized systems in large-scale distributed denial-of-service attacks.
However, the code that underlies the virus actually has been known for some time. Those that have appropriately updated antivirus software should find that their security programs catch the malicious code, even if it is inadvertantly downloaded.
Users might be particularly vulnerable to e-mails claiming to be from Microsoft this week. On April 12, Microsoft will make the Windows XP Service Pack 2 upgrade automatic for any machine that accesses the Windows Update utility at Microsoft's official update site.
Many users have the automatic update feature on their operating systems turned off, but they might encounter a prompt to update when they access the site for other patches.
The SP2 update is not much of a problem for home users, say security experts. But many enterprises have avoided the update actively due to compatibility problems with other enterprise applications or network architecture issues.