I received an email today from admin @ Microsoft dotcom saying my password has
expired with a zip attachment indicating instructions. Not being gullible, but
still being curious, I virus scanned the attachment and saw that it was
indeed a virus. I forwarded the mail to our security team for investigation,
but it brings up a good point. Don't run attachments, patch your machines regularly
and practice safe computing. My quick tips,
- Don't believe everything you read in email. Not sure? Check here or here
- Don't run attachments if you don't know where they are coming from
- Use and update your antivirus software
- Use Windows Update
- Use a firewall and block everything but the necessary ports.
There's also been some news about a vulnerability affecting DCOM which lives
inside the RPC process, with a patch available through Windows
Update, which you should visit if you don't have the RPC patch installed.
*Update: Link to the security