A pair of Trojans posing as Microsoft patches or updates are on the loose, security firms said Tuesday.
According to U.K.-based Sophos, the Trojan horse "BeastPWS-C" starts with a spoofed e-mail from Microsoft that claims a new vulnerability in the WinLogon Service is out and about. (WinLogon is the log-in
service for Windows NT, 2000, and XP.) The spammed message includes a link to a purported patch.