[There's a reason that Yoda is the unofficial mascot of SBS.  Size indeed matters not.] Fake Microsoft agreement is being sent out with malicious payload - THE OFFICIAL BLOG OF THE SBS DIVA
Sun, Sep 2 2012 21:48 bradley

Fake Microsoft agreement is being sent out with malicious payload

Updated services agreement allows Microsoft to integrate content across cloud properties | The Verge:
http://www.theverge.com/2012/9/2/3285455/microsoft-updates-services-agreement-privacy-class-action-waiver

The EXACT same wording and the exact same look are also being sent out as a malicious document.

ISC Diary | Blackhole targeting Java vulnerability via fake Microsoft Services Agreement email phish:
https://isc.sans.edu/diary/Blackhole+targeting+Java+vulnerability+via+fake+Microsoft+Services+Agreement+email+phish/14020

BE CAREFUL OUT THERE!!

 


# re: Fake Microsoft agreement is being sent out with malicious payload

Tuesday, September 04, 2012 11:56 AM by Otto

While disabling JAVA will prevent this exploit, Oracle has released a security update that presumably prevents this exploit:

www.oracle.com/.../alert-cve-2012-4681-1835715.html

# re: Fake Microsoft agreement is being sent out with malicious payload

Tuesday, September 04, 2012 12:02 PM by bradley

There's actually a new unpatched Java issue out.  I wouldn't depend on a patch this time.

# re: Fake Microsoft agreement is being sent out with malicious payload

Tuesday, September 04, 2012 1:36 PM by Otto

Bradley is correct...

While the Oracle patch released last Thursday was supposed to address the CVE-2012-4681 stated vulnerability, it did not. The same and/or similar vulnerability still exists in the JAVA program, based on the ISC Diary posting here:

isc.sans.edu/.../14017