Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« Virtualization, Licensing, and "Cold DR Use Rights" | Main | Playing with your WEI »

Do you have a Phishing Education Program in your Business?

I received this message earlier this week in my inbox. Interestingly enough, this is the first Microsoft patch-specific phishing attempt I've gotten in a while. The message is an obvious fake -- to we who are familiar with phishing attempts. But, are your employees similarly educated?

Do you have an "Appropriate Internet Use" and/or "Dealing with SpyWare, AdWare, Viruses, and Phishing" education program in your company for your employees? If not, consider developing one. It doesn't take much to put together a PowerPoint slide deck that details examples of what to watch for. And, tell employees to never, ever click on any link that ends in a .EXE!

Read on for the text of the message...

Greetings,

In program maintenance of Microsoft corporation, a critical vulnerability has been found in processing WMF-files.

Exploits using the "SetAbortProc" GDI function were discovered in May 2007.
The function, which registers an error handler normally intended for use when a print job is cancelled during spooling, allows arbitrary code added to a WMF image to be executed without the permission of the user.

Microsoft has now released a critical update for Windows 98/2000/XP and Vista and it is very important that you download it.
We urge you to update your Windows operating system with the patch attached, to prevent malicious users from compromising your systems security.

Our patch is downloadable via the Windows update center, or directly from {{web site link removed}}.

Thankyou for your cooperation.
With kindest regards, the Microsoft Customer Support.

Tags:          
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on June 1, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/171

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.