Microsoft's monthly patch release has been recreated by hackers.
Disguised as a message from Microsoft security assurance director Steve Lipner, the spam email contains an .exe attachment which the email claims is "an experimental private version of an update for all Microsoft Windows OS users."
Recipients of the email are urged to install the attached update to help protect their computer against security threats and performance problems. If users open the attachment a Trojan virus will infect the PC with malware.
The instruction to download goes against Microsoft's normal practise, as it will never send an attachment for protection. Users are encouraged to be vigilant of spam messages and follow normal procedures when patching.
The announcement follows Microsoft's statement that it will include 11 patches in its October update – the same as in August which at the time was the biggest number of patches the software giant had delivered in 18 months. This month's updates tackle problems in Windows, Active Directory, Internet Explorer, Office and Host Integration Server.
Microsoft's advance notification said seven of the 11 patches updates will address vulnerabilities that could be used to execute remote code, whereby hackers could inject their own malicious code into vulnerable PCs.