There's an email floating around that claims to be from Microsoft support (support@microsoft.com) that contains an attachment a worm(sslpatch.exe). If your foolish enough to run this or any executable from an email, here's what will happen to your machine. First, the worm/virus takes a random key and encrypts several executables on your machine, making them useless. Then like most other viruses/worms it sends itself out via your address book.

Here's what the body of the message looks like.

From: "Microsoft Support" support@microsoft.com
Subject: Invalid SSL Certificate

Hello,

Microsoft Corporation announced that an invalid SSL certificate that web sites use is required to be installed on the user computer to use the https protocol. During the installation, the certificate causes a buffer overrun in Microsoft Internet Explorer and by that allows attackers to get access to your computer. The SSL protocol is used by many companies that require credit card or personal information so, there is a high possibility that you have this certificate installed. To avoid of being attacked by hackers, please download and install the attached patch. It is strongly recommended to install it because almost all users have this certificate installed without their knowledge.

Have a nice day,
Microsoft Corporation



FYI

Thanks for the Heads up.

Originally posted by Matt615
Thanks for the Heads up.

Ditto

http://www.symantec.com/avcenter/venc/data/w32.qint@mm.html